diff --git a/.github/workflows/npm-publish.yml b/.github/workflows/npm-publish.yml
index 011081f..f4cf3ec 100644
--- a/.github/workflows/npm-publish.yml
+++ b/.github/workflows/npm-publish.yml
@@ -1,17 +1,24 @@
-# When anyone pushes to npm branch in this repo, the package will be published to npm. This action requires
-# access to NPM_TOKEN secret. Contact core.ai admins to get access to core.ais org tokens.
-# To publish to your own npm account, follow this https://docs.npmjs.com/creating-and-viewing-access-tokens
+# When anyone pushes to npm branch in this repo, the package will be published to npm.
+# https://docs.npmjs.com/trusted-publishers is active in this repo
 name: Publish package to npm
 
 on:
   push:
     branches: [ npm ]
 
+permissions:
+  id-token: write  # Required for OIDC
+  contents: read
+
 jobs:
   build-tasks:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
+      - uses: actions/setup-node@v4
+        with:
+          node-version: '24'
+          registry-url: 'https://registry.npmjs.org'
       - name: Npm Install
         run: |
           npm ci
@@ -22,5 +29,3 @@ jobs:
       - name: Publishing package to npm repository
         run: |
           npm publish --access public
-        env:
-          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}