diff --git a/docs/builder_image.md b/docs/builder_image.md
index 30e58dad1..4ad3d2ee3 100644
--- a/docs/builder_image.md
+++ b/docs/builder_image.md
@@ -76,6 +76,13 @@ and placing them into the appropriate directories inside the image. The workflow
 1. Build any application artifacts.
 1. Install the artifacts into locations appropriate for running.
 
+In the case you need to assemble the Image using a different user than the runtime user defined 
+in ``USER`` directive of Dockerfile, you can achive this by the following ways:
+
+1. use the `--assemble-user` in cmd line
+1. use the label `io.openshift.s2i.assemble-user`
+
+
 #### Example `assemble` script:
 
 **NOTE**: All the examples are written in [Bash](http://www.gnu.org/software/bash/)
diff --git a/pkg/build/strategies/strategies.go b/pkg/build/strategies/strategies.go
index 7a1849244..9b8e4c7ba 100644
--- a/pkg/build/strategies/strategies.go
+++ b/pkg/build/strategies/strategies.go
@@ -23,10 +23,20 @@ func GetStrategy(client docker.Client, config *api.Config) (build.Builder, api.B
 func Strategy(client docker.Client, config *api.Config, overrides build.Overrides) (build.Builder, api.BuildInfo, error) {
 	var builder build.Builder
 	var buildInfo api.BuildInfo
+	var err error
 
 	fs := fs.NewFileSystem()
 
 	startTime := time.Now()
+
+	if config.AssembleUser, err = docker.GetAssembleUser(client, config); err != nil {
+		buildInfo.FailureReason = utilstatus.NewFailureReason(
+			utilstatus.ReasonPullBuilderImageFailed,
+			utilstatus.ReasonMessagePullBuilderImageFailed,
+		)
+		return nil, buildInfo, err
+	}
+
 	image, err := docker.GetBuilderImage(client, config)
 	buildInfo.Stages = api.RecordStageAndStepInfo(buildInfo.Stages, api.StagePullImages, api.StepPullBuilderImage, startTime, time.Now())
 	if err != nil {
diff --git a/pkg/docker/docker.go b/pkg/docker/docker.go
index 029758aa4..fa4097174 100644
--- a/pkg/docker/docker.go
+++ b/pkg/docker/docker.go
@@ -50,6 +50,9 @@ const (
 	// The previous name of this label was 'io.s2i.scripts-url'. This is now
 	// deprecated.
 	ScriptsURLLabel = api.DefaultNamespace + "scripts-url"
+
+	// AssembleUserLabel is the User that will be used in the assemble process
+	AssembleUserLabel = api.DefaultNamespace + "assemble-user"
 	// DestinationLabel is the name of the Docker image LABEL that tells S2I where
 	// to place the artifacts (scripts, sources) in the builder image.
 	// The previous name of this label was 'io.s2i.destination'. This is now
diff --git a/pkg/docker/util.go b/pkg/docker/util.go
index 371bd3614..512e96021 100644
--- a/pkg/docker/util.go
+++ b/pkg/docker/util.go
@@ -363,3 +363,19 @@ func GetDefaultDockerConfig() *api.DockerConfig {
 
 	return cfg
 }
+
+// GetAssembleUser finds an assemble user on the given image.
+// This functions receives the config to check if the AssembleUser was defined in command line
+// If the cmd is blank, it tries to fetch the value from the Builder Image defined Label (assemble-user)
+// Otherwise it follows the common flow, using the USER defined in Dockerfile
+func GetAssembleUser(client Client, config *api.Config) (string, error) {
+	if len(config.AssembleUser) > 0 {
+		return config.AssembleUser, nil
+	}
+	d := New(client, config.PullAuthentication)
+	imageData, err := d.GetLabels(config.BuilderImage)
+	if err != nil {
+		return "", err
+	}
+	return imageData[AssembleUserLabel], nil
+}