diff --git a/action.yml b/action.yml
index 81f92f7..1527412 100644
--- a/action.yml
+++ b/action.yml
@@ -9,6 +9,10 @@ inputs:
 description: 'GITHUB_TOKEN or a `repo` scoped Personal Access Token (PAT)'
 required: false
 default: ${{ github.token }}
+ commit-with-token:
+ description: 'Set to true to produce a verified commit with token'
+ required: false
+ default: false
 commit-msg:
 description: 'The message provided with the commit'
 required: false
@@ -119,6 +123,35 @@ runs:
 TARGETS: ${{ inputs.inputs }}
 COMMIT_MSG: ${{ inputs.commit-msg }}
 PATH_TO_FLAKE_DIR: ${{ inputs.path-to-flake-dir }}
+ COMMIT_WITH_TOKEN: ${{ inputs.commit-with-token }}
+
+ - name: Commit changes
+ if: ${{ inputs.commit-with-token == 'true' }}
+ env:
+ GITHUB_TOKEN: ${{ inputs.token }}
+ FILE_TO_COMMIT: flake.lock
+ DESTINATION_BRANCH: ${{ inputs.branch }}
+ shell: bash
+ run: |
+ set -x
+ export CONTENT=$( base64 -i $FILE_TO_COMMIT )
+ export BASE=$DESTINATION_BRANCH
+ if gh api --method GET /repos/:owner/:repo/git/refs/heads/$DESTINATION_BRANCH; then
+ git fetch origin $DESTINATION_BRANCH
+ else
+ export BASE=$(gh repo view --json defaultBranchRef --template '{{ .defaultBranchRef.name }}' ${{github.repository}})
+ gh api --method POST /repos/:owner/:repo/git/refs \
+ --field ref=refs/heads/$DESTINATION_BRANCH \
+ --field sha=$BASE_SHA
+ fi
+ export BASE_SHA=$( git rev-parse origin/$BASE )
+ export SHA=$( git rev-parse origin/$BASE:$FILE_TO_COMMIT )
+ gh api --method PUT /repos/:owner/:repo/contents/$FILE_TO_COMMIT \
+ --field message="${{inputs.commit-msg}}" \
+ --field content="$CONTENT" \
+ --field encoding="base64" \
+ --field branch="$DESTINATION_BRANCH" \
+ --field sha="$SHA"
 - name: Save PR Body as file
 uses: DamianReeves/write-file-action@v1.1
 with:
diff --git a/update-flake-lock.sh b/update-flake-lock.sh
index e33a199..bf90d73 100755
--- a/update-flake-lock.sh
+++ b/update-flake-lock.sh
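Review bot: The new `commit-with-token` input declares `default: false` as a YAML boolean, while the step condition added later in this file compares the input with the string `'true'` and the script tests `"$COMMIT_WITH_TOKEN" != true`; writing `default: 'false'` keeps the declared default in the same string form those comparisons use. The description is also terse about what the option changes. Judging from the step added below, it could read `description: 'Set to true to commit flake.lock through the GitHub API using the token (verified commit) instead of a local git commit'`. The `inputs:` map continues outside this hunk.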
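Review bot: The new `Commit changes` step expands `${{inputs.commit-msg}}` directly inside the `run:` script (`--field message="${{inputs.commit-msg}}"`), so the value is pasted into the script text before bash parses it, and a message containing `"` or `$(...)` changes the command that runs while `GITHUB_TOKEN` is in the environment. The preceding step already passes the message as `COMMIT_MSG` through `env:`; do the same here by adding `COMMIT_MSG: ${{ inputs.commit-msg }}` to this step's `env:` and using `--field message="$COMMIT_MSG"`, and likewise prefer `"$GITHUB_REPOSITORY"` over `${{github.repository}}`. Separately, the `else` branch sends `--field sha=$BASE_SHA` before `BASE_SHA` is assigned (the `export BASE_SHA=...` line comes after `fi`), so creating a missing branch would post an empty `sha`; compute it right after `BASE` is set in that branch. `set -x` also traces the whole base64 `CONTENT` into the job log, and `$DESTINATION_BRANCH` and `$FILE_TO_COMMIT` are expanded unquoted.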
@@ -5,12 +5,18 @@ if [[ -n "$PATH_TO_FLAKE_DIR" ]]; then cd "$PATH_TO_FLAKE_DIR" fi +commitArg="" + +if [[ "$COMMIT_WITH_TOKEN" != true ]]; then + commitArg="--commit-lock-file " +fi + if [[ -n "$TARGETS" ]]; then inputs=() for input in $TARGETS; do inputs+=("--update-input" "$input") done - nix flake lock "${inputs[@]}" --commit-lock-file --commit-lockfile-summary "$COMMIT_MSG" + nix flake lock "${inputs[@]}" $commitArg --commit-lockfile-summary "$COMMIT_MSG" else - nix flake update --commit-lock-file --commit-lockfile-summary "$COMMIT_MSG" + nix flake update $commitArg --commit-lockfile-summary "$COMMIT_MSG" fi
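Review bot: The new guard `[[ "$COMMIT_WITH_TOKEN" != true ]]` is an exact, case-sensitive match, while the `if:` on the API commit step in action.yml is a GitHub expression comparison (`== 'true'`), which ignores case; a value such as `True` would therefore keep `--commit-lock-file` here and still run the API commit step. Normalising before the test, e.g. `if [[ "${COMMIT_WITH_TOKEN,,}" != true ]]; then` (bash 4 or later), keeps the two in step. `$commitArg` is also expanded unquoted and relies on word splitting of a string with a trailing space; an array, as already used for `inputs`, would be the consistent form. It is worth confirming that nix accepts `--commit-lockfile-summary` when `--commit-lock-file` is omitted. The script's opening lines are outside this hunk.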