diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index e64955bc..f343ea04 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -17,20 +17,34 @@ jobs:
         uses: RDXWorks-actions/checkout@main
         with:
           fetch-depth: 0
+
       - name: Setup Node.js
         uses: RDXWorks-actions/setup-node@main
         with:
           node-version: '20.x'
+
+      - uses: radixdlt/public-iac-resuable-artifacts/fetch-secrets@main
+        with:
+          role_name: 'arn:aws:iam::${{ secrets.SECRETS_ACCOUNT_ID }}:role/gh-radix-dapp-toolkit-secrets-read-access'
+          app_name: 'dapp-toolkit'
+          step_name: 'npm'
+          secret_prefix: 'GH'
+          secret_name: 'arn:aws:secretsmanager:eu-west-2:${{ secrets.SECRETS_ACCOUNT_ID }}:secret:github-actions/radixdlt/radix-dapp-toolkit/npm-token-A52rl3'
+          parse_json: true
+
       - name: Authenticate with private NPM package
-        run: echo "//registry.npmjs.org/:_authToken=${{ secrets.NPMJS_TOKEN }}" > ~/.npmrc
+        run: echo "//registry.npmjs.org/:_authToken=${{ env.GH_NPMJS_TOKEN }}" > ~/.npmrc
+      
       - name: Install dependencies
         run: npm ci
+      
       - name: Build
         run: npm run build
+
       - name: Release
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          NPM_TOKEN: ${{ secrets.NPMJS_TOKEN }}
+          NPM_TOKEN: ${{ env.GH_NPMJS_TOKEN }}
         run: |
           cd packages/dapp-toolkit
           npx semantic-release | tee out
@@ -45,11 +59,13 @@ jobs:
           secret_prefix: 'SNYK'
           secret_name: 'arn:aws:secretsmanager:eu-west-2:${{ secrets.SECRETS_ACCOUNT_ID }}:secret:github-actions/common/snyk-credentials-rXRpuX'
           parse_json: true
+
       - name: Generate SBOM
         uses: RDXWorks-actions/snyk-actions/node@master
         with:
           args: --all-projects --org=${{ env.SNYK_PROJECTS_ORG_ID }} --format=cyclonedx1.4+json > sbom.json
           command: sbom
+
       - name: Upload SBOM
         uses: RDXWorks-actions/upload-release-assets@c94805dc72e4b20745f543da0f62eaee7722df7a
         with:
diff --git a/packages/dapp-toolkit/sonar-project.properties b/packages/dapp-toolkit/sonar-project.properties
index 61a411f9..ebe1e9df 100644
--- a/packages/dapp-toolkit/sonar-project.properties
+++ b/packages/dapp-toolkit/sonar-project.properties
@@ -1,5 +1,5 @@
 sonar.organization=radixdlt-github
-sonar.projectKey=radixdlt_radix-dapp-toolkit
+sonar.projectKey=radix-dapp-toolkit
 
 sonar.sources=src
 sonar.coverage.exclusions=**/*.test.*,**/*.spec.*