diff --git a/.changeset/npm-trusted-publishing.md b/.changeset/npm-trusted-publishing.md
new file mode 100644
index 00000000..b755b9df
--- /dev/null
+++ b/.changeset/npm-trusted-publishing.md
@@ -0,0 +1,5 @@
+---
+"druid-query-toolkit": patch
+---
+
+Add npm trusted publishing support for automated releases via OIDC
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 42fe60c9..d29678e0 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -16,6 +16,10 @@ jobs:
     if: github.repository == 'implydata/druid-query-toolkit'
     name: Release
     runs-on: ubuntu-latest
+    permissions:
+      id-token: write
+      contents: write
+      pull-requests: write
 
     steps:
       - uses: actions/checkout@v4
@@ -31,11 +35,14 @@ jobs:
 
       - run: npm install --prefer-offline --no-audit
 
+      - name: Update npm
+        run: npm install -g npm@latest
+
       - name: Create Release Pull Request or Publish to npm
         id: changesets
         uses: changesets/action@v1
         with:
-          publish: npx changeset publish --otp=1
+          publish: npx changeset publish
           createGithubReleases: true
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}