diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml
index 70228081..7a66ee72 100644
--- a/.github/workflows/cicd.yml
+++ b/.github/workflows/cicd.yml
@@ -84,4 +84,4 @@ jobs:
           ARM_CLIENT_ID: ${{ fromJSON(secrets.SECURE_AZURE_CREDENTIALS).clientId }}
           ARM_SUBSCRIPTION_ID: ${{ fromJSON(secrets.SECURE_AZURE_CREDENTIALS).subscriptionId }}
           ARM_TENANT_ID: ${{ fromJSON(secrets.SECURE_AZURE_CREDENTIALS).tenantId }}
-          ARM_CLIENT_SECRET: ${{ fromJSON(secrets.AZURE_CREDENTIALS).clientSecret }}
\ No newline at end of file
+          # ARM_CLIENT_SECRET: ${{ fromJSON(secrets.AZURE_CREDENTIALS).clientSecret }}
\ No newline at end of file
diff --git a/deployment/bin/deploy b/deployment/bin/deploy
index f0e1713a..55726fa8 100755
--- a/deployment/bin/deploy
+++ b/deployment/bin/deploy
@@ -61,7 +61,7 @@ fi
 require_env "IMAGE_TAG"
 require_env "GIT_COMMIT"
 require_env "ARM_CLIENT_ID"
-require_env "ARM_CLIENT_SECRET"
+# require_env "ARM_CLIENT_SECRET"
 require_env "ARM_TENANT_ID"
 
 # Directory for rendered values and templates
diff --git a/deployment/docker-compose.yml b/deployment/docker-compose.yml
index c53f4f0f..f0203ef7 100644
--- a/deployment/docker-compose.yml
+++ b/deployment/docker-compose.yml
@@ -14,7 +14,7 @@ services:
       - ARM_SUBSCRIPTION_ID
       - ARM_TENANT_ID
       - ARM_CLIENT_ID
-      - ARM_CLIENT_SECRET
+      # - ARM_CLIENT_SECRET
 
       # Used in the dev stack as an identifier
       - TF_VAR_username=${USER}
diff --git a/deployment/terraform/resources/providers.tf b/deployment/terraform/resources/providers.tf
index 0c06d28c..54d977d7 100644
--- a/deployment/terraform/resources/providers.tf
+++ b/deployment/terraform/resources/providers.tf
@@ -1,5 +1,6 @@
 provider azurerm {
   features {}
+  use_oidc = true
 }
 
 terraform {
diff --git a/deployment/terraform/staging/main.tf b/deployment/terraform/staging/main.tf
index 26150b1a..6cc73aff 100644
--- a/deployment/terraform/staging/main.tf
+++ b/deployment/terraform/staging/main.tf
@@ -32,6 +32,7 @@ terraform {
     storage_account_name = "pctesttfstate"
     container_name       = "pc-test-api"
     key                  = "pqe-apis.tfstate"
+    use_oidc             = true
   }
 }