diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 0fba70a9..c3aeb424 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -15,27 +15,15 @@ env: }' AWS_ROLE_TO_ASSUME: 'arn:aws:iam::192549843005:role/github_concordium-client' - +permissions: + id-token: write + contents: read jobs: validate-preconditions: runs-on: ubuntu-latest environment: release steps: - - name: Retrieve GitHub OIDC Token and Extract Sub - id: oidc_token - run: | - # Fetch OIDC token from GitHub - oidc_token=$(curl -s -H "Authorization: Bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" "$ACTIONS_ID_TOKEN_REQUEST_URL" | jq -r '.value') - - # Decode the token and extract 'sub' (subject) claim - sub=$(echo "${oidc_token}" | base64 -d | jq -r '.sub') - echo "OIDC sub: $sub" - echo "sub=${sub}" >> "$GITHUB_ENV" - env: - ACTIONS_ID_TOKEN_REQUEST_URL: ${{ steps.auth.outputs.id-token }} - ACTIONS_ID_TOKEN_REQUEST_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@v4 with:
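Review bot: The added top-level `permissions:` block grants `id-token: write` to every job in this workflow, not only to the jobs that assume `AWS_ROLE_TO_ASSUME`. Only `validate-preconditions` is visible in this hunk, so if the workflow has other jobs that never call `aws-actions/configure-aws-credentials`, I would keep `contents: read` at the top level and move `id-token: write` into a job-level `permissions:` block under each job that needs it. A job-level block replaces the workflow-level one for that job, so it must repeat `contents: read` if the job checks out the repository. The IAM role's trust policy should also restrict the `sub` claim to this repository and the `release` environment, which cannot be confirmed from this diff. A short comment above the block, e.g. `# id-token: write is required for OIDC role assumption by configure-aws-credentials`, would document why the write scope is there.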