diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index be12984..dced414 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -5,6 +5,9 @@ on:
 jobs:
   build-and-publish:
     runs-on: ubuntu-latest
+    permissions:
+      # IMPORTANT: this permission is mandatory for trusted publishing
+      id-token: write
     steps:
     - name: Checkout
       uses: actions/checkout@v3
@@ -21,5 +24,3 @@ jobs:
       run: python -m build .
     - name: Publish
       uses: pypa/gh-action-pypi-publish@release/v1
-      with:
-        password: ${{ secrets.pypi_password }}