●CODE — Claude Code adds Trusted Devices, verifying a machine before remote admin sessions begin●CODE — CPU use drops about 37% during streaming, keeping long always-on automation steadier●CODE — Fullscreen mouse-click controls, voice dictation fixes, and better Linux voice detection land●AUTH — Static API keys can now be replaced with short-lived, scoped WIF credentials●TEAM — You can tag Claude directly in Slack and delegate tasks while you focus elsewhere●WORKFLOW — Dynamic workflows arrive in research preview, breaking complex work into steps on their own●CODE — Claude Code adds Trusted Devices, verifying a machine before remote admin sessions begin●CODE — CPU use drops about 37% during streaming, keeping long always-on automation steadier●CODE — Fullscreen mouse-click controls, voice dictation fixes, and better Linux voice detection land●AUTH — Static API keys can now be replaced with short-lived, scoped WIF credentials●TEAM — You can tag Claude directly in Slack and delegate tasks while you focus elsewhere●WORKFLOW — Dynamic workflows arrive in research preview, breaking complex work into steps on their own

TAG

WIF

1 articles

← Back to all tags

Claude Code¹ Security¹ API Keys¹ Automation¹

⟐ Claude Code/2026-06-28Intermediate

Stop Leaving a Static API Key in Your Unattended Jobs — Move to Short-Lived WIF Credentials

Claude Code is moving from static API keys toward short-lived, scoped credentials via WIF (Workload Identity Federation). Here is how to translate that idea to a small unattended pipeline so a leaked key has a much smaller blast radius — with working code and the failure modes to watch.