diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 7d899cf3..e4196585 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -2,6 +2,8 @@ name: CI
 permissions:
   contents: write
   pull-requests: write
+  id-token: write
+
 on:
   push:
     branches:
@@ -62,7 +64,7 @@ jobs:
         run: gh pr merge --auto --merge "$PR_URL" # Use Github CLI to merge automatically the PR
         env:
           PR_URL: ${{github.event.pull_request.html_url}}
-          GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} 
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} 
 
   npm-publish-build:
     needs: build
@@ -82,7 +84,6 @@ jobs:
       - uses: JS-DevTools/npm-publish@v4.1.2
         if: github.actor != 'dependabot[bot]' && github.actor != 'dependabot-preview[bot]'
         with:
-          token: ${{ secrets.NPM_TOKEN }}
           tag: ${{ env.GITHUB_REF_SLUG }}
   
   npm-publish-latest:
@@ -101,5 +102,4 @@ jobs:
       - uses: JS-DevTools/npm-publish@v4.1.2
         if: github.actor != 'dependabot[bot]' && github.actor != 'dependabot-preview[bot]' 
         with:
-          token: ${{ secrets.NPM_TOKEN }}
           tag: latest