diff --git a/.github/workflows/sca_scan.yml b/.github/workflows/sca_scan.yml
new file mode 100644
index 0000000..beb966a
--- /dev/null
+++ b/.github/workflows/sca_scan.yml
@@ -0,0 +1,16 @@
+name: SCA
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+
+jobs:
+  snyk-cli:
+    uses: auth0/devsecops-tooling/.github/workflows/sca-scan.yml@main
+    with:
+      pre-scan-commands: "pip install -r requirements.txt"
+      additional-arguments: "--exclude=README.md"
+      python-version: "3.12"
+    secrets: inherit