diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index c0cb1f88..f91deaf7 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -44,6 +44,7 @@ jobs:
           allowed-endpoints: >
             api.github.com:443
             api.osv.dev:443
+            api.securityscorecards.dev:443
             fulcio.sigstore.dev:443
             github.com:443
             objects.githubusercontent.com:443