diff --git a/.github/workflows/test-device.yml b/.github/workflows/test-device.yml
index 881d3603fe..905855cf9d 100644
--- a/.github/workflows/test-device.yml
+++ b/.github/workflows/test-device.yml
@@ -5,6 +5,9 @@ on:
 
 permissions:
   contents: read
+  actions: read
+  checks: write
+  id-token: write
 
 jobs:
   test-device:
@@ -76,12 +79,22 @@ jobs:
           az storage blob download --account-name $ACCOUNT_NAME --container-name $CONTAINER_NAME \
           --name google-services.json --file ${{ github.workspace }}/app/src/standardRelease/google-services.json --output none
 
+      - name: Log in to Azure
+        uses: bitwarden/gh-actions/azure-login@main
+        with:
+          subscription_id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+          tenant_id: ${{ secrets.AZURE_TENANT_ID }}
+          client_id: ${{ secrets.AZURE_CLIENT_ID }}
+
       - name: Get E2E secrets from Azure
-        id: get-e2e-secrets
         uses: bitwarden/gh-actions/get-keyvault-secrets@main
         with:
-          keyvault: gh-test
+          keyvault: gh-android
           secrets: "BWS-ACCESS-TOKEN"
+        id: get-e2e-secrets
+
+      - name: Log out from Azure
+        uses: bitwarden/gh-actions/azure-logout@main
 
       - name: Retrieve test data
         uses: bitwarden/sm-action@14f92f1d294ae3c2b6a3845d389cd2c318b0dfd8 # v2.2.0
@@ -116,21 +129,21 @@ jobs:
         run: |
           saucectl storage upload --app app/build/outputs/apk/standard/release/com.x8bit.bitwarden.apk
         env:
-          SAUCE_USERNAME: ${{ secrets.SAUCE_USERNAME }}
-          SAUCE_ACCESS_KEY: ${{ secrets.SAUCE_ACCESS_KEY }}
+          SAUCE_USERNAME: ${{ steps.get-e2e-secrets.outputs.SAUCE_USERNAME }}
+          SAUCE_ACCESS_KEY: ${{ steps.get-e2e-secrets.outputs.SAUCE_ACCESS_KEY }}
 
       - name: Upload test APK to SauceLabs storage
         run: |
           saucectl storage upload --app app/build/outputs/apk/androidTest/standard/release/com.x8bit.bitwarden-standard-release-androidTest.apk
         env:
-          SAUCE_USERNAME: ${{ secrets.SAUCE_USERNAME }}
-          SAUCE_ACCESS_KEY: ${{ secrets.SAUCE_ACCESS_KEY }}
+          SAUCE_USERNAME: ${{ steps.get-e2e-secrets.outputs.SAUCE_USERNAME }}
+          SAUCE_ACCESS_KEY: ${{ steps.get-e2e-secrets.outputs.SAUCE_ACCESS_KEY }}
 
       - name: Run tests on SauceLabs
         run: saucectl run --config .sauce/config.yml
         env:
-          SAUCE_USERNAME: ${{ secrets.SAUCE_USERNAME }}
-          SAUCE_ACCESS_KEY: ${{ secrets.SAUCE_ACCESS_KEY }}
+          SAUCE_USERNAME: ${{ steps.get-e2e-secrets.outputs.SAUCE_USERNAME }}
+          SAUCE_ACCESS_KEY: ${{ steps.get-e2e-secrets.outputs.SAUCE_ACCESS_KEY }}
 
       - name: Upload SauceLabs test report
         if: always()
@@ -138,6 +151,3 @@ jobs:
         with:
           name: saucectl-report
           path: saucectl-report.xml
-
-
-