diff --git a/models/webhook/webhook.go b/models/webhook/webhook.go
index 4ab806573b..f3370f3db5 100644
--- a/models/webhook/webhook.go
+++ b/models/webhook/webhook.go
@@ -361,6 +361,15 @@ func (w Webhook) HeaderAuthorization() (string, error) {
 	return secret.DecryptSecret(setting.SecretKey, w.HeaderAuthorizationEncrypted)
 }
 
+// HeaderAuthorizationTrimPrefix returns the decrypted Authorization with a specified prefix trimmed.
+func (w Webhook) HeaderAuthorizationTrimPrefix(prefix string) (string, error) {
+	s, err := w.HeaderAuthorization()
+	if err != nil {
+		return "", err
+	}
+	return strings.TrimPrefix(s, prefix), nil
+}
+
 // SetHeaderAuthorization encrypts and sets the Authorization header.
 func (w *Webhook) SetHeaderAuthorization(cleartext string) error {
 	if cleartext == "" {
diff --git a/options/locale/locale_en-US.ini b/options/locale/locale_en-US.ini
index b46fd9eb3b..c1bca91e5a 100644
--- a/options/locale/locale_en-US.ini
+++ b/options/locale/locale_en-US.ini
@@ -561,6 +561,7 @@ TeamName = Team name
 AuthName = Authorization name
 AdminEmail = Admin email
 To = Branch name
+AccessToken = Access token
 
 NewBranchName = New branch name
 CommitSummary = Commit summary
@@ -2401,6 +2402,7 @@ settings.sourcehut_builds.manifest_path = Build manifest path
 settings.sourcehut_builds.visibility = Job visibility
 settings.sourcehut_builds.secrets = Secrets
 settings.sourcehut_builds.secrets_helper = Give the job access to the build secrets (requires the SECRETS:RO grant)
+settings.sourcehut_builds.access_token_helper = Access token that has JOBS:RW grant. Generate a <a target="_blank" rel="noopener noreferrer" href="%s">builds.sr.ht token</a> or a <a target="_blank" rel="noopener noreferrer" href="%s">builds.sr.ht token with secrets access</a> on meta.sr.ht.
 settings.deploy_keys = Deploy keys
 settings.add_deploy_key = Add deploy key
 settings.deploy_key_desc = Deploy keys have read-only pull access to the repository.
diff --git a/services/webhook/sourcehut/builds.go b/services/webhook/sourcehut/builds.go
index 1561b9e6e6..e7501110a2 100644
--- a/services/webhook/sourcehut/builds.go
+++ b/services/webhook/sourcehut/builds.go
@@ -49,6 +49,7 @@ type buildsForm struct {
 	ManifestPath string `binding:"Required"`
 	Visibility   string `binding:"Required;In(PUBLIC,UNLISTED,PRIVATE)"`
 	Secrets      bool
+	AccessToken  string `binding:"Required"`
 }
 
 var _ binding.Validator = &buildsForm{}
@@ -63,13 +64,7 @@ func (f *buildsForm) Validate(req *http.Request, errs binding.Errors) binding.Er
 			Message:        ctx.Locale.TrString("repo.settings.add_webhook.invalid_path"),
 		})
 	}
-	if !strings.HasPrefix(f.AuthorizationHeader, "Bearer ") {
-		errs = append(errs, binding.Error{
-			FieldNames:     []string{"AuthorizationHeader"},
-			Classification: "",
-			Message:        ctx.Locale.TrString("form.required_prefix", "Bearer "),
-		})
-	}
+	f.AuthorizationHeader = "Bearer " + strings.TrimSpace(f.AccessToken)
 	return errs
 }
 
diff --git a/templates/webhook/new/sourcehut_builds.tmpl b/templates/webhook/new/sourcehut_builds.tmpl
index e18b828f8d..3bcbe1bf6e 100644
--- a/templates/webhook/new/sourcehut_builds.tmpl
+++ b/templates/webhook/new/sourcehut_builds.tmpl
@@ -29,5 +29,11 @@
 			<span class="help">{{ctx.Locale.Tr "repo.settings.sourcehut_builds.secrets_helper"}}</span>
 		</div>
 	</div>
+	<!-- Access Token -->
+	<div class="field required {{if .Err_AccessToken}}error{{end}}">
+		<label for="access_token">{{ctx.Locale.Tr "form.AccessToken"}}</label>
+		<input id="access_token" name="access_token" type="password" value="{{.Webhook.HeaderAuthorizationTrimPrefix "Bearer "}}" required>
+		<span class="help">{{ctx.Locale.Tr "repo.settings.sourcehut_builds.access_token_helper" "https://meta.sr.ht/oauth2/personal-token?grants=builds.sr.ht/JOBS:RW" "https://meta.sr.ht/oauth2/personal-token?grants=builds.sr.ht/JOBS:RW+builds.sr.ht/SECRETS:RO"}}</span>
+	</div>
 	{{template "webhook/shared-settings" .}}
 </form>
diff --git a/templates/webhook/shared-settings.tmpl b/templates/webhook/shared-settings.tmpl
index 0a39643260..f2724f25e2 100644
--- a/templates/webhook/shared-settings.tmpl
+++ b/templates/webhook/shared-settings.tmpl
@@ -258,14 +258,17 @@
 	<span class="help">{{ctx.Locale.Tr "repo.settings.branch_filter_desc"}}</span>
 </div>
 
-<!-- Authorization Header -->
-<div class="field{{if eq .HookType "matrix"}} required{{end}} {{if .Err_AuthorizationHeader}}error{{end}}">
-	<label for="authorization_header">{{ctx.Locale.Tr "repo.settings.authorization_header"}}</label>
-	<input id="authorization_header" name="authorization_header" type="text" value="{{.Webhook.HeaderAuthorization}}"{{if eq .HookType "matrix"}} placeholder="Bearer $access_token" required{{end}}>
-	{{if ne .HookType "matrix"}}{{/* Matrix doesn't make the authorization optional but it is implied by the help string, should be changed.*/}}
-		<span class="help">{{ctx.Locale.Tr "repo.settings.authorization_header_desc" ("<code>Bearer token123456</code>, <code>Basic YWxhZGRpbjpvcGVuc2VzYW1l</code>" | SafeHTML)}}</span>
-	{{end}}
-</div>
+{{$skipAuthorizationHeader := (eq .HookType "sourcehut_builds")}}
+{{if not $skipAuthorizationHeader}}
+	<!-- Authorization Header -->
+	<div class="field{{if eq .HookType "matrix"}} required{{end}} {{if .Err_AuthorizationHeader}}error{{end}}">
+		<label for="authorization_header">{{ctx.Locale.Tr "repo.settings.authorization_header"}}</label>
+		<input id="authorization_header" name="authorization_header" type="text" value="{{.Webhook.HeaderAuthorization}}"{{if eq .HookType "matrix"}} placeholder="Bearer $access_token" required{{end}}>
+		{{if ne .HookType "matrix"}}{{/* Matrix doesn't make the authorization optional but it is implied by the help string, should be changed.*/}}
+			<span class="help">{{ctx.Locale.Tr "repo.settings.authorization_header_desc" ("<code>Bearer token123456</code>, <code>Basic YWxhZGRpbjpvcGVuc2VzYW1l</code>" | SafeHTML)}}</span>
+		{{end}}
+	</div>
+{{end}}
 
 <div class="divider"></div>
 
diff --git a/tests/integration/repo_webhook_test.go b/tests/integration/repo_webhook_test.go
index 9a278e706d..fa717a4496 100644
--- a/tests/integration/repo_webhook_test.go
+++ b/tests/integration/repo_webhook_test.go
@@ -267,14 +267,12 @@ func TestWebhookForms(t *testing.T) {
 	}))
 
 	t.Run("sourcehut_builds/required", testWebhookForms("sourcehut_builds", session, map[string]string{
-		"payload_url":          "https://sourcehut_builds.example.com",
-		"manifest_path":        ".build.yml",
-		"visibility":           "PRIVATE",
-		"authorization_header": "Bearer 123456",
+		"payload_url":   "https://sourcehut_builds.example.com",
+		"manifest_path": ".build.yml",
+		"visibility":    "PRIVATE",
+		"access_token":  "123456",
 	}, map[string]string{
-		"authorization_header": "",
-	}, map[string]string{
-		"authorization_header": "token ",
+		"access_token": "",
 	}, map[string]string{
 		"manifest_path": "",
 	}, map[string]string{
@@ -289,9 +287,9 @@ func TestWebhookForms(t *testing.T) {
 		"manifest_path": ".build.yml",
 		"visibility":    "PRIVATE",
 		"secrets":       "on",
+		"access_token":  "123456",
 
-		"branch_filter":        "srht/*",
-		"authorization_header": "Bearer 123456",
+		"branch_filter": "srht/*",
 	}))
 }