diff --git a/.github/workflows/build-release.yaml b/.github/workflows/build-release.yaml index 348f2c7..c72a9a4 100644 --- a/.github/workflows/build-release.yaml +++ b/.github/workflows/build-release.yaml @@ -15,14 +15,19 @@ concurrency: env: BROKER_URL: https://broker.io.nrs.gov.bc.ca - BROKER_JWT: ${{ secrets.BROKER_JWT_0E727E83_F027_426A_A31C_D7C1CCEADDF6 }} + BROKER_JWT: ${{ secrets.broker_jwt_0e727e83_f027_426a_a31c_d7c1cceaddf6 }} SERVICE_PROJECT: oneteam-example SERVICE_NAME: java-maven-pipeline-example jobs: + check_token_expiration: + uses: ./.github/workflows/check-token.yaml + secrets: + token: ${{ secrets.broker_jwt_0e727e83_f027_426a_a31c_d7c1cceaddf6 }} build-release: name: Build and release runs-on: ubuntu-latest + needs: check_token_expiration permissions: contents: read packages: write @@ -84,7 +89,7 @@ jobs: - name: Open intention uses: bcgov-nr/action-broker-intention-open@v2 with: - broker_jwt: ${{ secrets.BROKER_JWT_0E727E83_F027_426A_A31C_D7C1CCEADDF6 }} + broker_jwt: ${{ secrets.broker_jwt_0e727e83_f027_426a_a31c_d7c1cceaddf6 }} intention_path: intention.json quickstart: true - name: Set intention ID for deployment job diff --git a/.github/workflows/check-token.yaml b/.github/workflows/check-token.yaml new file mode 100644 index 0000000..6b09c80 --- /dev/null +++ b/.github/workflows/check-token.yaml 
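Review bot: `BROKER_JWT` is still set in the workflow-level `env:` block, so the Broker token is exported to every step of every job in this workflow, third-party actions included. The `Open intention` step further down already receives the token through `with: broker_jwt:`. If no other step reads the environment variable (the remaining steps are outside this hunk), the `BROKER_JWT:` line can be removed here. Otherwise it can move into an `env:` block on only the steps that need it.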
@@ -0,0 +1,37 @@ +name: Check token expiration + +on: + workflow_call: + inputs: + url: + description: "The Broker URL" + default: https://broker.io.nrs.gov.bc.ca + type: string + secrets: + token: + description: "The Broker token" + required: true + +jobs: + check-jwt: + runs-on: ubuntu-latest + + steps: + - name: Check token expiration + shell: bash + run: | + RESPONSE_CODE=$(curl -o /dev/null -s -w "%{http_code}" -X 'GET' \ + ${{ inputs.url }}/v1/health/token-check \ + -H 'accept: */*' \ + -H 'Authorization: Bearer '"${{ secrets.token }}"'' \ + ) + + if [ "$RESPONSE_CODE" -eq 401 ]; then + echo "Unauthorized (401)" + exit 1 + elif [ "$RESPONSE_CODE" -eq 403 ]; then + echo "Invalid JWT: Block list has match" + exit 1 + else + echo "Response code: $RESPONSE_CODE" + fi \ No newline at end of file diff --git a/.github/workflows/deploy.yaml b/.github/workflows/deploy.yaml index 33cafc5..fbd7cdb 100644 --- a/.github/workflows/deploy.yaml +++ b/.github/workflows/deploy.yaml @@ -20,10 +20,15 @@ env: PACKAGE_REPO: https://maven.pkg.github.com/bcgov/java-maven-pipeline-example jobs: + check_token_expiration: + uses: ./.github/workflows/check-token.yaml + secrets: + token: ${{ secrets.broker_jwt_0e727e83_f027_426a_a31c_d7c1cceaddf6 }} deploy-build: name: Deploy development version if: ${{ ! startsWith(github.ref, 'refs/tags/') }} runs-on: ubuntu-latest + needs: check_token_expiration outputs: project_version: ${{ steps.set-build-output.outputs.project_version }} build_guid: ${{ steps.set-build-output.outputs.build_guid }} @@ -55,7 +60,7 @@ jobs: echo "artifact_sha256=${artifact_checksum#sha256:}" >> $GITHUB_OUTPUT env: BROKER_URL: https://broker.io.nrs.gov.bc.ca - BROKER_JWT: ${{ secrets.BROKER_JWT }} + BROKER_JWT: ${{ secrets.broker_jwt_0e727e83_f027_426a_a31c_d7c1cceaddf6 }} SERVICE_PROJECT: ${{ env.SERVICE_PROJECT }} SERVICE_NAME: ${{ env.SERVICE_NAME }} GITHUB_SHA: ${{ github.sha }} 
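Review bot: The `run:` script treats every status other than 401 or 403 as a pass, so a 404, a 5xx or a redirect from `/v1/health/token-check` is only logged as `Response code: …` and the dependent build and deploy jobs continue with an unverified token. The check should fail closed on anything but the expected success code; 200 is assumed below and should be confirmed against the Broker API. The script also expands `${{ inputs.url }}` and `${{ secrets.token }}` into the shell text before bash parses it, so a quote or `$(` in either value changes the command. Passing both through a step-level `env:` and quoting them as shell variables avoids that. The job needs no repository access, so `permissions: {}` on `check-jwt` would leave its `GITHUB_TOKEN` without scopes.

```yaml
        env:
          BROKER_URL: ${{ inputs.url }}
          BROKER_TOKEN: ${{ secrets.token }}
        run: |
          # … unchanged: RESPONSE_CODE=$(curl -o /dev/null -s -w "%{http_code}" -X 'GET' \ …
            "${BROKER_URL}/v1/health/token-check" \
            -H 'accept: */*' \
            -H "Authorization: Bearer ${BROKER_TOKEN}" \
          # … unchanged: closing paren, 401 and 403 branches …
          elif [ "$RESPONSE_CODE" -ne 200 ]; then
            echo "Unexpected response code: $RESPONSE_CODE"
            exit 1
          # … unchanged: else branch that echoes the code, fi …
```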
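Review bot: The `check_token_expiration` call passes no `url`, so the token is validated against the default in `check-token.yaml` while the deploy steps use their own `BROKER_URL` literal. If either value changes, the check will query a different Broker than the one the job talks to. Adding `with:` and `url: https://broker.io.nrs.gov.bc.ca` under the `uses:` line keeps the two visibly tied. The `env` context is not available in a reusable-workflow `with:`, so it has to be the literal or a `vars.` value. The same applies to the identical job added in `build-release.yaml`.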
@@ -94,6 +99,7 @@ jobs: name: Deploy release version if: ${{ startsWith(github.ref, 'refs/tags/') }} runs-on: ubuntu-latest + needs: check_token_expiration outputs: project_version: ${{ steps.set-tag-output.outputs.project_version }} build_guid: ${{ steps.set-tag-output.outputs.build_guid }} @@ -127,7 +133,7 @@ jobs: echo "artifact_sha256=${artifact_checksum#sha256:}" >> $GITHUB_OUTPUT env: BROKER_URL: https://broker.io.nrs.gov.bc.ca - BROKER_JWT: ${{ secrets.BROKER_JWT }} + BROKER_JWT: ${{ secrets.broker_jwt_0e727e83_f027_426a_a31c_d7c1cceaddf6 }} SERVICE_PROJECT: ${{ env.SERVICE_PROJECT }} SERVICE_NAME: ${{ env.SERVICE_NAME }} - name: Checkout repository diff --git a/app-config.yaml b/app-config.yaml index 73fd13c..2fe7e27 100644 --- a/app-config.yaml +++ b/app-config.yaml @@ -21,4 +21,4 @@ metadata: playbook.io.nrs.gov.bc.ca/altAppDirName: "" playbook.io.nrs.gov.bc.ca/addWebadeConfig: false github.com/project-slug: "" - playbook.io.nrs.gov.bc.ca/brokerJwtReference: BROKER_JWT_0E727E83_F027_426A_A31C_D7C1CCEADDF6 + playbook.io.nrs.gov.bc.ca/clientId: 0e727e83-f027-426a-a31c-d7c1cceaddf6