diff --git a/inventory/group_vars/openqa b/inventory/group_vars/openqa
index cc9e2bb807..973c24f611 100644
--- a/inventory/group_vars/openqa
+++ b/inventory/group_vars/openqa
@@ -22,6 +22,7 @@ openqa_secret: "{{ prod_openqa_apisecret }}"
 
 wikitcms_user: coconut
 wikitcms_password: "{{ prod_wikitcms_password }}"
+wikitcms_token: "{{ private }}/files/openidc/production/wikitcms.json"
 
 # The checkcompose settings below cause system(s) in this group to
 # send out check-compose reports. This could cause duplicate reports
diff --git a/inventory/group_vars/openqa-stg b/inventory/group_vars/openqa-stg
index c02fa11351..ad043bcc2f 100644
--- a/inventory/group_vars/openqa-stg
+++ b/inventory/group_vars/openqa-stg
@@ -32,6 +32,7 @@ openqa_key: "{{ stg_openqa_apikey }}"
 openqa_secret: "{{ stg_openqa_apisecret }}"
 
 wikitcms_password: "{{ stg_wikitcms_password }}"
+wikitcms_token: "{{ private }}/files/openidc/staging/wikitcms.json"
 
 checkcompose_url: "https://{{ external_hostname }}"
 
diff --git a/roles/openqa/dispatcher/tasks/main.yml b/roles/openqa/dispatcher/tasks/main.yml
index e1e8b42203..a6b494b85a 100644
--- a/roles/openqa/dispatcher/tasks/main.yml
+++ b/roles/openqa/dispatcher/tasks/main.yml
@@ -14,7 +14,10 @@
 # - wikitcms_user
 ##      string - FAS username for reporting results to wiki
 # - wikitcms_password
-##      string - password for relval_user
+##      string - password for wikitcms_user
+# - wikitcms_token
+##      string - a token file to install for unattended reporting to
+#                a wiki using openidc auth (Fedora wikis after 2017-11)
 # - deployment_type
 ##      string - Fedora Infrastructure thing; for this role, the
 ##               fedora_openqa config file will be set appropriately
@@ -130,6 +133,12 @@
   tags:
   - config
 
+- name: Write wikitcms token file
+  copy: src={{ wikitcms_token }} dest=/root/.openidc/oidc_wikitcms.json owner=root group=root mode=0600
+  when: "wikitcms_token is defined"
+  tags:
+  - config
+
 - name: Enable fedmsg consumer
   template: src=openqa_consumer.py.j2 dest=/etc/fedmsg.d/openqa_consumer.py owner=root group=root mode=0644
   notify:
diff --git a/roles/relvalconsumer/tasks/main.yml b/roles/relvalconsumer/tasks/main.yml
index 9a9d95c11b..b12e8868d8 100644
--- a/roles/relvalconsumer/tasks/main.yml
+++ b/roles/relvalconsumer/tasks/main.yml
@@ -50,6 +50,12 @@
   tags:
   - config
 
+- name: Write wikitcms token file
+  copy: src={{ wikitcms_token }} dest=/root/.openidc/oidc_wikitcms.json owner=root group=root mode=0600
+  when: "wikitcms_token is defined"
+  tags:
+  - config
+
 - name: Check out relvalconsumer
   git:
     repo: https://pagure.io/fedora-qa/relvalconsumer.git
@@ -66,7 +72,7 @@
 
 - name: Enable fedmsg consumer
   template: src=relvalconsumer.py.j2 dest=/etc/fedmsg.d/relvalconsumer.py owner=root group=root mode=0644
-  when: "wikitcms_user is defined and wikitcms_password is defined"
+  when: "wikitcms_user is defined and (wikitcms_password is defined or wikitcms_token is defined)"
   notify:
   - restart fedmsg-hub
   tags: