diff --git a/.github/workflows/create-clients-and-secrets.yml b/.github/workflows/create-clients-and-secrets.yml
new file mode 100644
index 0000000..18e5e5b
--- /dev/null
+++ b/.github/workflows/create-clients-and-secrets.yml
@@ -0,0 +1,40 @@
+name: IaC for Clients and Secrets
+run-name: IaC for Clients and Secrets in ${{ github.event.inputs.environment }}
+
+env:
+  KEYCLOAK_URL: ${{ secrets.KEYCLOAK_URL }}
+  KEYCLOAK_REALM: ${{ secrets.KEYCLOAK_REALM }}
+  OPENSHIFT_SERVER: ${{ vars.OPENSHIFT_SERVER }}
+  GRAD_NAMESPACE: ${{ vars.GRAD_NAMESPACE }}-${{ github.event.inputs.environment }}
+  OPENSHIFT_NAMESPACE: ${{ vars.GRAD_NAMESPACE }}-${{ github.event.inputs.environment }}
+  OPENSHIFT_TOKEN: ${{ secrets.OPENSHIFT_TOKEN }}
+
+on:
+  workflow_dispatch:
+    inputs: 
+      environment:
+        type: environment
+
+jobs:
+  create-or-update-clients:
+    runs-on: ubuntu-latest
+    environment: ${{ github.event.inputs.environment }}
+
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@v4
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v3
+        with:
+          node-version: '20'
+
+      - name: Install dependencies
+        run: npm install axios
+
+      - name: Create/Update clients
+        run: node ./tools/config/clients-and-scopes.js
+
+      - name: Create/Update secrets
+        run: node ./tools/openshift/fetch-and-create-secrets.js
+