diff --git a/act/runner/reusable_workflow.go b/act/runner/reusable_workflow.go
index 5e92ee88..dd4a6092 100644
--- a/act/runner/reusable_workflow.go
+++ b/act/runner/reusable_workflow.go
@@ -71,8 +71,8 @@ func newRemoteReusableWorkflowExecutor(rc *RunContext) common.Executor {
 	filename := fmt.Sprintf("%s/%s@%s", remoteReusableWorkflow.Org, remoteReusableWorkflow.Repo, remoteReusableWorkflow.Ref)
 	workflowDir := fmt.Sprintf("%s/%s", rc.ActionCacheDir(), safeFilename(filename))
 
-	// FIXME: if the reusable workflow is from a private repository, we need to provide a token to access the repository.
-	token := ""
+	// If the repository is private, we need a token to clone it
+	token := rc.Config.GetToken()
 
 	if rc.Config.ActionCache != nil {
 		return newActionCacheReusableWorkflowExecutor(rc, filename, remoteReusableWorkflow)
diff --git a/act/runner/runner.go b/act/runner/runner.go
index 8e8fba3a..afd4facd 100644
--- a/act/runner/runner.go
+++ b/act/runner/runner.go
@@ -76,12 +76,16 @@ type Config struct {
 	ContainerNetworkEnableIPv6 bool // create the network with IPv6 support enabled
 }
 
-// GetToken: Adapt to Gitea
+// GetToken returns the authentication token for git operations.
+// Priority: ACTIONS_TOKEN > GITEA_TOKEN > GITHUB_TOKEN
 func (c Config) GetToken() string {
 	token := c.Secrets["GITHUB_TOKEN"]
 	if c.Secrets["GITEA_TOKEN"] != "" {
 		token = c.Secrets["GITEA_TOKEN"]
 	}
+	if c.Secrets["ACTIONS_TOKEN"] != "" {
+		token = c.Secrets["ACTIONS_TOKEN"]
+	}
 	return token
 }