gr2m
commented
2 months ago Just to clarify, you cannot use the Client Secret, the private key is still required. But the OAuth Client ID is now recommended to be used as a substitute to the numeric app ID for github.com, and probably GitHub Enterprise Server 3.14+
We just shipped support for passing the client ID to Octokit's app authentication strategy: https://github.com/octokit/auth-app.js/releases/tag/v7.1.0
GitHub now recommends using the clientId instead of the appId/privateKey
Augment the options to allow clientId/clientSecret, validating that either this pair or appId/privateKey are provided, and pass these options along in the call to
createAppAuth.