diff --git a/.github/ort/config.yml b/.github/ort/config.yml
new file mode 100644
index 000000000..89f787848
--- /dev/null
+++ b/.github/ort/config.yml
@@ -0,0 +1,19 @@
+ort:
+  packageConfigurationProviders:
+  - type: OrtConfig
+  packageCurationProviders:
+  - type: OrtConfig
+  analyzer:
+    skipExcluded: true
+  advisor:
+    skipExcluded: true
+  reporter:
+    config:
+      CycloneDx:
+        output.file.formats: JSON
+      SpdxDocument:
+        creationInfo.organization: Eclipse Apoapsis
+        document.name: ORT Server
+      WebApp:
+        # Otherwise, the tree view in the report is barely usable.
+        deduplicateDependencyTree: true
diff --git a/.github/workflows/ort.yml b/.github/workflows/ort.yml
index 1068a300c..f779d2aa0 100644
--- a/.github/workflows/ort.yml
+++ b/.github/workflows/ort.yml
@@ -3,6 +3,9 @@ name: ORT
 on:
   workflow_dispatch:
 
+env:
+  ORT_CONFIG_DIR: ${{ github.workspace }}/ort-server/.github/ort
+
 jobs:
   ort:
     name: Run ORT