diff --git a/.github/workflows/pre_release.yml b/.github/workflows/pre_release.yml
index f7c48a878e..956464296d 100644
--- a/.github/workflows/pre_release.yml
+++ b/.github/workflows/pre_release.yml
@@ -34,7 +34,6 @@ jobs:
       if: ${{ github.ref == 'master' }}
       uses: actions/github-script@v3
       with:
-        github_token: ${{ secrets.PAT }}
         script: |
             core.setFailed('This workflow can not run on master branch')
     - uses: actions/checkout@v3
@@ -44,8 +43,7 @@ jobs:
         java-version: '11.x'
         distribution: 'adopt'
         cache: maven
-        token: ${{secrets.PAT}}
-    - name: 'Fix versions, commit and push new tag'
+    - name: 'Fix versions, commit and tag'
       env:
           LAST_MS_VERSION: ${{ github.event.inputs.previous-ms-version }}
           NEW_MS_VERSION: ${{ github.event.inputs.version }}
@@ -94,7 +92,13 @@ jobs:
         git add CHANGELOG.md
         git commit -m "Version Release ${NEW_MS_VERSION}"
         git tag v${NEW_MS_VERSION} # create tag
-        git push origin ${{ github.ref_name }} --tags # push tag
+        # git push origin ${{ github.ref_name }} --tags # push tags
+        name: Push to protected branch
+        uses: CasperWA/push-protected@v2
+        with:
+          token: ${{ secrets.PAT }} # This requires a special token to be able to trigger checks on new branch creation
+          ref: ${{ github.ref }}
+          tags: true
   update-main-changelog:
     runs-on: ubuntu-latest
     needs: fix-version
@@ -107,7 +111,7 @@ jobs:
         uses: actions/setup-node@v3
         with:
             node-version: '16.x'
-      - name: 'Updte changelog on master'
+      - name: 'Update changelog on master'
         env:
             LAST_MS_VERSION: ${{ github.event.inputs.previous-ms-version }}
             NEW_MS_VERSION: ${{ github.event.inputs.version }}