diff --git a/.github/actions/deploy-environment/action.yml b/.github/actions/deploy-environment/action.yml index ef76944ac..234a3adfe 100644 --- a/.github/actions/deploy-environment/action.yml +++ b/.github/actions/deploy-environment/action.yml @@ -20,6 +20,9 @@ inputs: azure-tenant-id: description: Azure tenant ID required: true + dev-cluster: + description: Development cluster name (Optional) + required: false runs: using: composite @@ -43,6 +46,7 @@ runs: env: DOCKER_IMAGE_TAG: ${{ inputs.docker-image }} PR_NUMBER: ${{ inputs.pull-request-number }} + CLUSTER: ${{ inputs.dev-cluster }} - name: Extract Terraform outputs shell: bash diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 9e07d828c..5c544e595 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -13,12 +13,15 @@ on: - review - staging - sandbox - - dv + - dv_review sha: description: Commit sha to be deployed required: true - pr_number: - description: PR number + pr-number: + description: PR number for review apps (Optional) + required: false + dev-cluster: + description: Development cluster name (Optional) required: false jobs: @@ -28,6 +31,9 @@ jobs: name: ${{ github.event.inputs.environment }} concurrency: deploy_all runs-on: ubuntu-latest + permissions: + pull-requests: write + id-token: write steps: - name: Checkout @@ -35,7 +41,9 @@ jobs: - uses: azure/login@v2 with: - creds: ${{ secrets.AZURE_CREDENTIALS }} + client-id: ${{ secrets.AZURE_CLIENT_ID }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + tenant-id: ${{ secrets.AZURE_TENANT_ID }} - name: Fetch secrets from key vault if: ${{ github.event.inputs.environment != 'review' }} 
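Review bot: `CLUSTER: ${{ inputs.dev-cluster }}` carries a free-text dispatch value into a bash step with no visible validation; the same value is declared as an unconstrained input in `deploy.yml` and forwarded in the `with:` block of the deploy step. Passing it through `env:` rather than interpolating it into the script is the right shape, but the step's `run:` body is outside this hunk, so how `$CLUSTER` is consumed cannot be checked from here. I would either declare the workflow input as `type: choice` with the known cluster names, or reject unexpected values at the top of the script, for example `[[ -z "$CLUSTER" || "$CLUSTER" =~ ^[a-z0-9-]+$ ]] || { echo "invalid cluster" >&2; exit 1; }`.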
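Review bot: The `dv_review` choice is used verbatim as the job's GitHub environment (`name: ${{ github.event.inputs.environment }}` in the job header), so an environment with exactly that name must be configured before the first run. GitHub creates a missing environment on first reference, with no protection rules or environment secrets, so any approval gate that existed on the old `dv` environment would not carry over; whether `dv_review` already exists is not visible here. Separately, renaming `pr_number` to `pr-number` breaks any caller that dispatches this workflow through the API with the old key, so those callers need updating in the same change. A short comment above the options list would help: `# each value must match a configured GitHub environment and an Azure federated credential subject`.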
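Review bot: Declaring `permissions:` on the job sets every scope that is not listed to `none`, so `contents` is dropped while the first step of the job is still `Checkout`. On a private or internal repository the checkout will fail for lack of read access; on a public one it succeeds only because anonymous reads are allowed. Add `contents: read` next to `pull-requests: write` and `id-token: write` so the token's scope is explicit and still minimal.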
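Review bot: With `creds:` removed, access to Azure is gated by the federated credential configured on the app registration, and nothing in this hunk records what that credential must match. Because the job runs under `environment: name: ${{ github.event.inputs.environment }}`, the OIDC subject presented to Azure should be of the form `repo:<owner>/<repo>:environment:<name>`, so each deployable environment needs its own exact-match subject rather than a broad one. `AZURE_CLIENT_ID` is read as a plain `secrets.*` value; if it is a repository-level secret, review and production share one identity, and defining it as an environment-scoped secret would separate them (not visible from the diff). A comment such as `# OIDC: federated credential subject must be environment:<name>; secrets are environment-scoped` above the `with:` block would document this.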
@@ -52,10 +60,13 @@ jobs: with: environment: ${{ github.event.inputs.environment }} docker-image: ${{ github.event.inputs.sha }} - azure-credentials: ${{ secrets.AZURE_CREDENTIALS }} - pull-request-number: ${{ github.event.inputs.pr_number }} + azure-client-id: ${{ secrets.AZURE_CLIENT_ID }} + azure-subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + azure-tenant-id: ${{ secrets.AZURE_TENANT_ID }} + pull-request-number: ${{ github.event.inputs.pr-number }} + dev-cluster: ${{ github.event.inputs.dev-cluster }} - - name: Post comment to Pull Request ${{ github.event.inputs.pr_number }} + - name: Post comment to Pull Request ${{ github.event.inputs.pr-number }} if: ${{ github.event.inputs.environment == 'review' }} uses: marocchino/sticky-pull-request-comment@v2 with: @@ -65,8 +76,8 @@ jobs: | App | URL | | ----------------- | ---------------------------------------------------------------------------------------- | - | Track & Pay | | - | School Placements | | + | Track & Pay | | + | School Placements | | - name: Slack Notification if: ${{ failure() && github.event.inputs.environment != 'review' }} diff --git a/global_config/dv_review.sh b/global_config/dv_review.sh index d8f65415b..c4c30cd65 100644 --- a/global_config/dv_review.sh +++ b/global_config/dv_review.sh @@ -3,4 +3,4 @@ CONFIG_SHORT=rv AZURE_SUBSCRIPTION=s189-teacher-services-cloud-development AZURE_RESOURCE_PREFIX=s189d01 KV_PURGE_PROTECTION=false -TERRAFORM_MODULES_TAG=main +TERRAFORM_MODULES_TAG=oidc-ga diff --git a/global_config/production.sh b/global_config/production.sh index 609e01ea2..82da93efe 100644 --- a/global_config/production.sh +++ b/global_config/production.sh @@ -1,4 +1,5 @@ CONFIG=production +ENVIRONMENT=production CONFIG_SHORT=pd AZURE_SUBSCRIPTION=s189-teacher-services-cloud-production AZURE_RESOURCE_PREFIX=s189p01 diff --git a/terraform/application/config/pt_review.tfvars.json b/terraform/application/config/pt_review.tfvars.json new file mode 100644 index 000000000..c5f813b9e 
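Review bot: `marocchino/sticky-pull-request-comment@v2` is a third-party action on a mutable tag, and after this change it runs in a job that holds `id-token: write`, `pull-requests: write` and a logged-in Azure session from `azure/login`. If the `v2` tag were moved, the new code would execute with all of that available. Pin it to a full commit SHA, `uses: marocchino/sticky-pull-request-comment@<full-commit-sha> # v2` (placeholder; take the SHA from the release you have reviewed), or move the comment step into a separate job that is granted only `pull-requests: write`.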
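Review bot: `TERRAFORM_MODULES_TAG=oidc-ga` reads like a feature-branch name rather than a release tag, which, like `main` before it, would make `dv_review` deployments pull whatever is at the head of that ref at run time. If so, the modules that create Azure resources can change without any change in this repository, and the ref disappears once the branch is merged and deleted. Prefer a tag or commit SHA, or add a comment such as `# temporary: switch to a pinned ref once the OIDC modules are released`. Whether `oidc-ga` is a branch or a tag cannot be determined from this diff.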
--- /dev/null +++ b/terraform/application/config/pt_review.tfvars.json @@ -0,0 +1,5 @@ +{ + "namespace": "development", + "deploy_azure_backing_services": false, + "enable_postgres_ssl": false +} diff --git a/terraform/application/config/pt_review_app_env.yml b/terraform/application/config/pt_review_app_env.yml new file mode 100644 index 000000000..9ff365b18 --- /dev/null +++ b/terraform/application/config/pt_review_app_env.yml @@ -0,0 +1,11 @@ +--- +HOSTING_ENV: review + +# API integrations +GIAS_CSV_BASE_URL: https://ea-edubase-api-prod.azurewebsites.net/edubase/downloads/public +PUBLISH_BASE_URL: https://qa.api.publish-teacher-training-courses.service.gov.uk +TEACHING_RECORD_BASE_URL: https://preprod.teacher-qualifications-api.education.gov.uk +TEACHING_RECORD_API_MINOR_VERSION: 20240416 + +# User authentication +SIGN_IN_METHOD: persona
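Review bot: `"enable_postgres_ssl": false` turns off TLS between the app and PostgreSQL for the new `pt_review` configuration. With `deploy_azure_backing_services` also false the database is presumably an in-cluster container, where this is a common trade-off, but the traffic then crosses the cluster network in clear text, so these review apps should only ever hold synthetic data. JSON cannot carry a comment, so the reason for the setting is best recorded in the Terraform variable's `description` or the project documentation.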
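Review bot: `SIGN_IN_METHOD: persona` suggests that review apps let a visitor sign in by choosing a persona instead of authenticating, while `GIAS_CSV_BASE_URL` and `TEACHING_RECORD_BASE_URL` in the same file point at prod and preprod upstream hosts. If that reading is right, anyone who can reach a review URL can act as any persona, so the review ingress should be access-restricted and the environment limited to synthetic data; the sign-in code is not part of this diff, so please confirm. Also, `TEACHING_RECORD_API_MINOR_VERSION: 20240416` is parsed as an integer; quote it as `'20240416'` if the consumer expects a string.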