shipfeed: AI news, curated daily

Trusted Sources for Deployment Protection

Vercel launches Trusted Sources, allowing protected deployments to accept short-lived OIDC tokens from authorised Vercel projects and external services instead of shared long-lived secrets.

May 13 · 1 source · updated May 13

Trusted Sources lets protected deployments accept short-lived identity tokens (OIDC) from Vercel projects and external services you authorize, so you no longer have to share a long-lived Protection Bypass for Automation secret. Trusted Sources is the recommended approach, but Protection Bypass for Automation continues to work.

Callers attach an OIDC token in the x-vercel-trusted-oidc-idp-token header. Vercel then verifies the signature, checks the claims you configured, and confirms the environment matches the rule.

By default, the Vercel OIDC token for a project can call its own deployments. To authorize another project in the same team, add it to Trusted Sources. Self-access and cross-project rules are both customizable with from / to environment pairs. To authenticate a request from a project, forward its Vercel OIDC token:

Any custom OIDC provider can be authorized as a trusted external service, such as GitHub Actions, or a Vercel project in another team. Read the documentation to learn more.

Read more: Authorize Vercel projects, Authorize external services
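
The three checks described above (signature, configured claims, environment match), sketched as an added example; this is not Vercel's code or the article's. The rule shape, the project and environment claim names, the issuer URL and the locally generated key pair are assumptions made for illustration.

```javascript
const crypto = require("node:crypto");

// Constructed key pair standing in for the identity provider's signing key.
const { publicKey, privateKey } = crypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
const b64u = (obj) => Buffer.from(JSON.stringify(obj)).toString("base64url");

// Mint a constructed RS256 token, as a caller's identity provider would.
function mintToken(claims, key = privateKey) {
  const input = `${b64u({ alg: "RS256", typ: "JWT" })}.${b64u(claims)}`;
  return `${input}.${crypto.sign("sha256", Buffer.from(input), key).toString("base64url")}`;
}

// Hypothetical rule: claims that must match, plus a from/to environment pair.
const rule = {
  claims: { iss: "https://idp.example", project: "billing-api" },
  from: "production",
  to: "production",
};

// Returns "allow" or the reason for rejection. Header keys are lowercase, as in Node.
function checkTrustedSource(headers, targetEnv, rule, now = Math.floor(Date.now() / 1000)) {
  const token = headers["x-vercel-trusted-oidc-idp-token"];
  if (typeof token !== "string") return "missing token";
  const parts = token.split(".");
  if (parts.length !== 3) return "malformed token";
  let header, claims;
  try {
    header = JSON.parse(Buffer.from(parts[0], "base64url").toString()) ?? {};
    claims = JSON.parse(Buffer.from(parts[1], "base64url").toString()) ?? {};
  } catch {
    return "malformed token";
  }
  // 1. Signature: the verifier pins the algorithm instead of trusting the token's alg.
  if (header.alg !== "RS256") return "bad algorithm";
  const signed = Buffer.from(`${parts[0]}.${parts[1]}`);
  if (!crypto.verify("sha256", signed, publicKey, Buffer.from(parts[2], "base64url"))) {
    return "bad signature";
  }
  // Short-lived: reject anything without a future expiry.
  if (typeof claims.exp !== "number" || claims.exp <= now) return "expired";
  // 2. Every configured claim must match exactly.
  for (const [name, value] of Object.entries(rule.claims)) {
    if (claims[name] !== value) return `claim mismatch: ${name}`;
  }
  // 3. Environment: caller's environment and target deployment must fit the rule.
  if (claims.environment !== rule.from || targetEnv !== rule.to) return "environment mismatch";
  return "allow";
}
```

Because the function returns the rejection reason rather than a boolean, the same string can be logged to show which of the three checks a denied caller failed.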

Source: vercel.com, "Trusted Sources for Deployment Protection" (primary)