Integrate GitHub Core Apps with Actions workflows for org-scoped automation. Generate tokens, access APIs, and implement cross-repository operations patterns.
Generate installation tokens and access GitHub APIs from Actions workflows. Use this when you need org-scoped automation across repositories without managing long-lived secrets.
/plugin marketplace add adaptive-enforcement-lab/claude-skills/plugin install patterns@ael-skillsThis skill inherits all available tools. When active, it can use any tool Claude has access to.
This guide explains how to integrate your GitHub Core App with GitHub Actions workflows for organization-level automation.
What You'll Learn
Generate short-lived tokens, use them with GitHub CLI and APIs, implement common workflow patterns, and handle errors gracefully.
Before integrating, ensure you have:
CORE_APP_ID and CORE_APP_PRIVATE_KEY stored in GitHubSee the full implementation guide in the source documentation.
GitHub Apps support three authentication methods, each serving different use cases:
| Method | Scope | Expiration | Primary Use Case |
|---|---|---|---|
| JWT | App-level | 10 minutes | Installation discovery, app metadata, bootstrapping |
| Installation Tokens | Repository/Org | 1 hour | Repository operations, API access, automation |
| OAuth | User context | Configurable | User-specific operations, web flows |
Which authentication method should I use?
- Most workflows → Installation Tokens (via
actions/create-github-app-token)- App management → JWT (list installations, app configuration)
- User operations → OAuth (actions on behalf of a user)
See the Authentication Decision Guide for detailed selection criteria.