diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 9dcd3af69..dbdd5b2d4 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -40,7 +40,7 @@ jobs:
     - name: Install mage
       run: go install github.com/magefile/mage
 
-    - name: Build
+    - name: Build library
       run: mage build
 
     - name: Test
@@ -48,3 +48,12 @@ jobs:
 
     - name: Upload coverage to Codecov
       uses: codecov/codecov-action@v3
+
+    - name: Build binary
+      if: ${{ github.ref == 'refs/heads/main' }}
+      run: mage artifact
+
+    - uses: actions/upload-artifact@v3
+      if: ${{ github.ref == 'refs/heads/main' }}
+      with:
+        path: bin/ssi-service
diff --git a/magefile.go b/magefile.go
index f26dafc70..1ef1d8856 100644
--- a/magefile.go
+++ b/magefile.go
@@ -26,10 +26,16 @@ var (
 
 // Build builds the library.
 func Build() error {
-	fmt.Println("Building...")
+	fmt.Println("Building library...")
 	return sh.Run(Go, "build", "-tags", "jwx_es256k", "./...")
 }
 
+// Artifact builds the binary.
+func Artifact() error {
+	fmt.Println("Building binary...")
+	return sh.Run(Go, "build", "-tags", "jwx_es256k", "-o", "./bin/ssi-service", "./cmd")
+}
+
 // Vuln downloads and runs govulncheck https://go.dev/blog/vuln
 func Vuln() error {
 	fmt.Println("Vulnerability checks...")