diff --git a/content/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-cloud-providers.md b/content/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-cloud-providers.md
index 42683676cd..be7af998f2 100644
--- a/content/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-cloud-providers.md
+++ b/content/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-cloud-providers.md
@@ -106,7 +106,7 @@ You can then use `curl` to retrieve a JWT from the {% data variables.product.pro
 
 ```yaml
     - run: |
-        IDTOKEN=$(curl -H "Authorization: bearer ${{steps.script.outputs.TOKEN}}" ${{steps.script.outputs.IDTOKENURL}} -H "Accept: application/json; api-version=2.0" -H "Content-Type: application/json" -d "{}" | jq -r '.value')
+        IDTOKEN=$(curl -H "Authorization: bearer {% raw %} ${{steps.script.outputs.TOKEN}}" ${{steps.script.outputs.IDTOKENURL}} {% endraw %} -H "Accept: application/json; api-version=2.0" -H "Content-Type: application/json" -d "{}" | jq -r '.value')
         echo $IDTOKEN
         jwtd() {
             if [[ -x $(command -v jq) ]]; then