diff --git a/.circleci/config.yml b/.circleci/config.yml
index 4f59787c8..7a8404151 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -1,4 +1,3 @@
-
 version: 2.1
 jobs:
   check:
@@ -33,7 +32,6 @@ jobs:
           name: Run Unit Tests
           command: |
             npm run test:unit
-
   test-integration:
     docker:
       - image: cimg/node:16.11
@@ -46,7 +44,6 @@ jobs:
           name: Run Integration Tests
           command: |
             npm run test:integration
-
   test-e2e:
     docker:
       - image: cimg/node:16.11
@@ -59,7 +56,6 @@ jobs:
           name: Run E2E Tests
           command: |
             npm run test:e2e
-
   release:
     docker:
       - image: cimg/node:16.11
@@ -67,7 +63,6 @@ jobs:
       - checkout
       - run: npm install
       - run: npm run semantic-release
-
 workflows:
   test-and-release:
     jobs:
diff --git a/.contentful/vault-secrets.yaml b/.contentful/vault-secrets.yaml
new file mode 100644
index 000000000..7beafba27
--- /dev/null
+++ b/.contentful/vault-secrets.yaml
@@ -0,0 +1,5 @@
+version: 1
+services:
+  github-action:
+    policies:
+      - dependabot
diff --git a/.github/workflows/dependabot-approve-and-request-merge.yml b/.github/workflows/dependabot-approve-and-request-merge.yml
index f65a60aca..a2c9b5de8 100644
--- a/.github/workflows/dependabot-approve-and-request-merge.yml
+++ b/.github/workflows/dependabot-approve-and-request-merge.yml
@@ -1,14 +1,15 @@
 name: "dependabot approve-and-request-merge"
 
-on:
-  pull_request_target
+on: pull_request_target
 
 jobs:
   worker:
+    permissions:
+      contents: write
+      id-token: write
     runs-on: ubuntu-latest
-
     if: github.actor == 'dependabot[bot]'
     steps:
-      - uses: contentful/dependabot-auto-merge@v1
+      - uses: contentful/github-auto-merge@v1
         with:
-          github_token: ${{ secrets.CF_ECOSYSTEM_BOT_GITHUB_TOKEN_AUTO_APPROVE }}
+          VAULT_URL: ${{ secrets.VAULT_URL }}