diff --git a/.github/workflows/create-pr-for-release-and-publish.yml b/.github/workflows/create-pr-for-release-and-publish.yml
index 0e99b985..85d69313 100644
--- a/.github/workflows/create-pr-for-release-and-publish.yml
+++ b/.github/workflows/create-pr-for-release-and-publish.yml
@@ -65,6 +65,8 @@ jobs:
   create_release:
     name: Create release and publish
     runs-on: ubuntu-latest
+    permissions:
+      id-token: write
     if: github.repository_owner == 'discordjs' && github.event_name == 'push' && startsWith(github.event.head_commit.message, 'chore(release)') && !contains(github.event.head_commit.message, '[skip ci]')
 
     steps:
diff --git a/.github/workflows/publish-next.yml b/.github/workflows/publish-next.yml
index 1879ee15..ecde231f 100644
--- a/.github/workflows/publish-next.yml
+++ b/.github/workflows/publish-next.yml
@@ -10,6 +10,8 @@ jobs:
   publish:
     name: Publish @next release to npm
     runs-on: ubuntu-latest
+    permissions:
+      id-token: write
     if: github.repository_owner == 'discordjs' && !(github.event_name == 'push' && startsWith(github.event.head_commit.message, 'chore(release)'))
     steps:
       - name: Cancel previous publish attempts
diff --git a/package.json b/package.json
index e519bffe..099900d6 100644
--- a/package.json
+++ b/package.json
@@ -157,6 +157,9 @@
 		"tsutils": "^3.21.0",
 		"typescript": "^4.9.5"
 	},
+	"publishConfig": {
+		"provenance": true
+	},
 	"repository": {
 		"type": "git",
 		"url": "https://github.com/discordjs/discord-api-types"