diff --git a/.forgejo/workflows/update-flake-lock.yml b/.forgejo/workflows/update-flake-lock.yml
index da8f5cc1..34a9add3 100644
--- a/.forgejo/workflows/update-flake-lock.yml
+++ b/.forgejo/workflows/update-flake-lock.yml
@@ -4,7 +4,8 @@ on:
   workflow_dispatch:  # allows manual triggering
   schedule:
     - cron: '0 0 * * 0'  # runs weekly on Sunday at 00:00
-
+env:
+  FORGEJO_TOKEN: ${{ secrets.GLOBAL_FORGEJO_TOKEN }}
 jobs:
   lockfile:
     runs-on: docker
@@ -13,13 +14,20 @@ jobs:
     steps:
       - name: Setup Node
         uses: actions/setup-node@v4
+        with:
+          token: ${{ env.FORGEJO_TOKEN }}
       - name: Checkout repository
         uses: actions/checkout@v4
+        with:
+          token: ${{ env.FORGEJO_TOKEN }}
       - name: Install Nix
         uses: actions/nix-installer-action@main
+        with:
+          token: ${{ env.FORGEJO_TOKEN }}
       - name: Update flake.lock
         uses: actions/update-flake-lock@main
         with:
+          token: ${{ env.FORGEJO_TOKEN }}
           pr-title: "Update flake.lock"
           pr-labels: |
             dependencies
@@ -28,6 +36,7 @@ jobs:
       - uses: actions/gotify-action@master
         if: always()
         with:
+          token: ${{ env.FORGEJO_TOKEN }}
           gotify_api_base: ${{ secrets.GOTIFY_URL }}
           gotify_app_token: ${{ secrets.GOTIFY_TOKEN }}
           notification_title: |