I've created a GitHub application and have the application's client-secret and client-id.
I'd like to be able to use this new application to simply authenticate to GitHub.
In order to do so, I need to use my application's client_id and client_secret to generate a JWT token which will then allow me to perform the following command:
curl --request GET \
--url "https://api.github.com/app" \
--header "Accept: application/vnd.github+json" \
--header "Authorization: Bearer YOUR_JWT" \
--header "X-GitHub-Api-Version: 2022-11-28"
Problem is, I can't find any documentation on how to generate this JWT token using the application properties I'm given (the client_id and client_secret). I've seen this doc on the GitHub docs page, but it simply shows how to use a JTW token, and not how to generate it.
How can I use a GitHub application's client_id and client_secret to create a JWT for authentication?
The example shown at Generating a JSON Web Token is the documentation you're looking for, in code format.
A JWT is a json string signed with a private key and encoded in a base64 format to make it easy to pass around. It can be verified as authentic by anyone with the public key.
In the case of a Github app, you need to use the App's private key to sign the json string, and Github will be using the public key it already has to validate that you the issuer of the JWT is you.
client_idandclient_secretare not used in the creation of JWTs, nor to access the API or repo data; only the private key is.See my answer How to access a private repository using a GitHub App with OAuth? for how to authenticate to Github as an app, which uses the JWT to obtain a temporary Installation Access Token, which is what's needed to access the API as an app, as well as the repos in the installation