diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 33292ea5..1f9f4c54 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -104,6 +104,8 @@ jobs:
     runs-on: ${{ matrix.os }}
     name: Codon CI
     needs: [ release ]
+    permissions:
+      id-token: write
     steps:
       - uses: actions/checkout@v4
       - uses: actions/setup-python@v5
@@ -232,19 +234,14 @@ jobs:
           name: ${{ matrix.os }}-x86_64
           path: codon-linux-x86_64.tar.gz
 
-      - name: Publish on TestPyPI
-        if: github.ref == 'refs/heads/develop' && startsWith(matrix.os, 'ubuntu')
-        uses: pypa/gh-action-pypi-publish@release/v1
-        with:
-          user: __token__
-          password: ${{ secrets.PYPI_TEST_TOKEN }}
-          repository-url: https://test.pypi.org/legacy/
-          skip-existing: true
+      # - name: Publish on TestPyPI
+      #   if: github.ref == 'refs/heads/develop' && startsWith(matrix.os, 'ubuntu')
+      #   uses: pypa/gh-action-pypi-publish@release/v1
+      #   with:
+      #     repository-url: https://test.pypi.org/legacy/
+      #     skip-existing: true
 
       - name: Publish Package
         if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags') && startsWith(matrix.os, 'ubuntu')
         uses: pypa/gh-action-pypi-publish@release/v1
-        with:
-          user: __token__
-          password: ${{ secrets.PYPI_TOKEN }}