diff --git a/.github/workflows/build_and_deploy.yml b/.github/workflows/build_and_deploy.yml
index 21a6daa..b4ff144 100644
--- a/.github/workflows/build_and_deploy.yml
+++ b/.github/workflows/build_and_deploy.yml
@@ -27,6 +27,9 @@ on:
         required: true
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
+permissions:
+  contents: read
+  pull-requests: write
 defaults:
   run:
     shell: bash
@@ -53,6 +56,8 @@ jobs:
         run: composer -n ci-compile-theme
       - name: Build React app(s) for deployment
         run: composer -n ci-compile-react
+      - name: Build docs for deployment
+        run: composer -n ci-compile-docs
       - name: Remove files that should not be deployed
         run: |
           sed -n '/# *:.*cut.*:/,$p' .gitignore > ../deploy.gitignore
@@ -232,8 +237,8 @@ jobs:
           set -e
           if [ $PANTHEON_SITE_EXISTS -eq 0 ]; then
             terminus multidev:create $TERMINUS_SITE.dev $TERMINUS_ENV
-            curl -s -H "Authorization: Bearer $GITHUB_TOKEN" \
-              -H "Accept: application/vnd.github.v3+json" \
+            curl -s -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" \
+              -H "Accept: application/vnd.github+json" \
               --request POST \
               --data '{"body": "Created feature testing environment at https://'$TERMINUS_ENV'-'$TERMINUS_SITE'.pantheonsite.io/"}' \
               "https://api.github.com/repos/${GITHUB_REPOSITORY}/issues/$PR_NUMBER/comments"