Pypi API token invalid

I am using the Github Actions publish python package.
The following is the code in my python-publish.yml file:

name: Upload Python Package

on: push


runs-on: ubuntu-latest

- uses: actions/checkout@v2
- name: Set up Python
  uses: actions/setup-python@v2
    python-version: '3.x'
- name: Install dependencies
  run: |
    python -m pip install --upgrade pip
    pip install build
    pip install requests
- name: Build package
  run: python -m build
- name: Publish package
  uses: pypa/gh-action-pypi-publish@27b31702a0e7fc50959f5ad993c78deac1bdfc29
    user: __token__
    password: ${{ secrets.PYPI_API_TOKEN }}

However, whenever I run it, it gives the error:

Warning: It looks like you are trying to use an API token to authenticate in the package index and your token value does not start with "pypi-" as it typically should. This may cause an authentication error. Please verify that you have copied your token properly if such an error occurs.

I suspect it has something to do with the user: __token__ line, but I can’t seem to figure out what the token is. I have obtained the correct PYPI_API_TOKEN as it starts with pypi-, but the action runs into another error when I put it as user: ${{ secrets.PYPI_API_TOKEN}}.