diff --git a/.github/workflows/rotate-bdba-token.yml b/.github/workflows/rotate-bdba-token.yml
index 7a4dfa3..fdb28fb 100644
--- a/.github/workflows/rotate-bdba-token.yml
+++ b/.github/workflows/rotate-bdba-token.yml
@@ -21,7 +21,7 @@ jobs:
 uses: actions/checkout@v4
 - name: Generate new BDBA API token
- id: generate_bdba_token
+ id: generate-bdba-token
 run: |
 # Generate new token from the Black Duck Binary Analysis API
 # Using the validity period of 3888000 seconds (45 days)
@@ -48,12 +48,21 @@ jobs:
 - name: Update organization secret
 run: |
- # Authenticate with the GitHub CLI and set the secret on org level
- gh auth login --with-token <<< ${{ steps.generate_token.outputs.token }}
+ # Authenticate with the GitHub CLI using the generated token
+ gh auth login --with-token <<< ${{ steps.generate-bdba-token.outputs.token }}
- gh secret set BDBA_API_TOKEN \
- --org open-component-model \
- --visibility all \
- --body "${{ steps.generate_bdba_token.outputs.bdba_token }}"
+ # List of specific repositories to update
+ # Secrets do not work out of the box for BDBA action
+ # workflow_run trigger requires GH environments and
+ # environments require repo-scoped secrets
+ REPOSITORIES=("open-component-model" "ocm-cicd-playground" "ocm-k8s-toolkit" "ocm-controller")
- echo "BDBA API token successfully rotated at $(date)"
+ # Loop through each repository and set the secret
+ for repo in "${REPOSITORIES[@]}"; do
+ echo "Setting BDBA_API_TOKEN for repository: $repo"
+ gh secret set BDBA_API_TOKEN \
+ --repo "open-component-model/$repo" \
+ --body "${{ steps.generate-bdba-token.outputs.bdba_token }}"
+ done
+
+ echo "BDBA API token successfully rotated for specific repositories at $(date)"
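Review bot: The new `gh auth login` line reads `steps.generate-bdba-token.outputs.token`, while the `--body` line a few lines down reads `steps.generate-bdba-token.outputs.bdba_token` from the same step, so the BDBA step is now the source of the GitHub credential; the removed line authenticated with `steps.generate_token.outputs.token`, which appears to be a separate GitHub-token step that this commit does not rename and that is not visible in the diff. If `generate-bdba-token` only sets `bdba_token`, the expression expands to an empty string and the login fails before any repository is updated; if that step also exposes the BDBA token under `token`, the BDBA API token is sent to GitHub as a GitHub credential. Separately, both tokens are spliced into the script body through `${{ }}` (the `gh auth login` line and the `--body` line), so they become part of the rendered command text; declaring them in the step's `env:` block instead lets `gh` read `GH_TOKEN` on its own and keeps the values out of the script. The step name `Update organization secret` (context line at the top of the hunk) no longer describes per-repository secrets; `Update repository secrets` would be accurate.
```yaml
- name: Update repository secrets
  env:
    # replace <GITHUB_TOKEN_STEP_ID> with the id of the step that mints the GitHub credential
    GH_TOKEN: ${{ steps.<GITHUB_TOKEN_STEP_ID>.outputs.token }}
    BDBA_TOKEN: ${{ steps.generate-bdba-token.outputs.bdba_token }}
  run: |
    # gh reads GH_TOKEN from the environment, so the `gh auth login` line is dropped
    # … unchanged: REPOSITORIES list and loop header …
      gh secret set BDBA_API_TOKEN \
        --repo "open-component-model/$repo" \
        --body "$BDBA_TOKEN"
    # … unchanged: done, final echo …
```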