diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index 01884f3..8f7548a 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -166,18 +166,13 @@ jobs:
     - name: Display the distribution directory
       run: |
         ls -l dist
-    # - name: Publish distribution to TestPyPI
-    #   uses: pypa/gh-action-pypi-publish@release/v1
-    #   with:
-    #     packages_dir: dist
-    #     password: ${{ secrets.TEST_PYPI_API_TOKEN }}
-    #     repository_url: https://test.pypi.org/legacy/
     - name: Publish distribution to PyPI
       if: startsWith(github.ref, 'refs/tags')
       uses: pypa/gh-action-pypi-publish@release/v1
       with:
-        packages_dir: dist
-        password: ${{ secrets.PYPI_API_TOKEN }}
+        packages-dir: dist
+        # Pypi has a trusted publisher defined, so we do not need a password:
+        # https://pypi.org/manage/project/zhmc_prometheus_exporter/settings/publishing/
 
     #-------- Creation of Github release
     - name: Determine whether release on Github exists for the pushed tag
diff --git a/changes/noissue.6.cleanup.rst b/changes/noissue.6.cleanup.rst
new file mode 100644
index 0000000..24da602
--- /dev/null
+++ b/changes/noissue.6.cleanup.rst
@@ -0,0 +1,2 @@
+Dev: Started using the trusted publisher concept of Pypi in order to avoid
+dealing with Pypi access tokens.