For some reason the GitHub API will either take a JWT or an access token depending on which endpoint you are accessing. It’s often not clear which is required, but it’s useful to have both available so that you can access the broad spectrum of endpoints they provide. If you are using a GitHub App you can generate these using the PEM private key.