diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml
index 2f4bb30a6a63..e6501305f384 100644
--- a/.github/workflows/nightly.yml
+++ b/.github/workflows/nightly.yml
@@ -22,6 +22,11 @@ jobs:
     permissions:
       contents: read
       packages: write
+      # The id-token write permission is needed to connect to Depot.dev
+      # as part of the partial-builder.yml action. It needs to be declared
+      # in the parent action, as noted here:
+      # https://github.com/orgs/community/discussions/76409#discussioncomment-8131390
+      id-token: write
     name: Build Tagged Release
     uses: ./.github/workflows/partial-builder.yml
     needs:
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 8417fff333b7..817ba3e8c14e 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -17,6 +17,11 @@ jobs:
     permissions:
       contents: read
       packages: write
+      # The id-token write permission is needed to connect to Depot.dev
+      # as part of the partial-builder.yml action. It needs to be declared
+      # in the parent action, as noted here:
+      # https://github.com/orgs/community/discussions/76409#discussioncomment-8131390
+      id-token: write
     name: Build Tagged Release
     uses: ./.github/workflows/partial-builder.yml
     needs: