Inconsistent usages of `ACTIONS_ID_TOKEN_REQUEST_TOKEN` and `ACTIONS_RUNTIME_TOKEN`

[jiasli]

Code of Conduct

• I have read and agree to the GitHub Docs project's Code of Conduct

What article on docs.github.com is affected?

https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-cloud-providers

What part(s) of the article would you like to see updated?

First it says using environment variable ACTIONS_ID_TOKEN_REQUEST_TOKEN:

https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-cloud-providers#adding-permissions-settings

Using environment variables on the runner (ACTIONS_ID_TOKEN_REQUEST_URL and ACTIONS_ID_TOKEN_REQUEST_TOKEN).

Later on, it says using ACTIONS_RUNTIME_TOKEN:

https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-cloud-providers#using-custom-actions

Alternatively, you can use the following environment variables to retrieve the token: ACTIONS_RUNTIME_TOKEN, ACTIONS_ID_TOKEN_REQUEST_URL.

I checked in an actual run and saw they contain the same value, but the document should be consistent on which environment variable should be used.

Additional information

No response

[welcome]

Thanks for opening this issue. A GitHub docs team member should be by to give feedback soon. In the meantime, please check out the contributing guidelines.

[nguyenalex836]

@jiasli Thank you for opening this issue! I'll get this triaged for review ✨

[azanhayat]

[maintainer edit for spammy content]

[AdeelChudaray]

Thanks for

[t-me-c-2093488272-77]

👌

[t-me-c-2093488272-77]

Thanks

[t-me-c-2093488272-77]

Code of Conduct

• I have read and agree to the GitHub Docs project's Code of Conduct

What article on docs.github.com is affected?

https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-cloud-providers

What part(s) of the article would you like to see updated?

First it says using environment variable ACTIONS_ID_TOKEN_REQUEST_TOKEN:

https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-cloud-providers#adding-permissions-settings

Using environment variables on the runner (ACTIONS_ID_TOKEN_REQUEST_URL and ACTIONS_ID_TOKEN_REQUEST_TOKEN).

Later on, it says using ACTIONS_RUNTIME_TOKEN:

https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-cloud-providers#using-custom-actions

Alternatively, you can use the following environment variables to retrieve the token: ACTIONS_RUNTIME_TOKEN, ACTIONS_ID_TOKEN_REQUEST_URL.

I checked in an actual run and saw they contain the same value, but the document should be consistent on which environment variable should be used.

Additional information

No response