U.S. Independence Day Deal! Unlock 25% OFF Today – Limited-Time Offer - Ends In 00:00:00 Coupon code: SAVE25

- Free Preparation Discussions

Microsoft GH-100 Exam - Topic 7 Question 2 Discussion

Actual exam question for Microsoft's GH-100 exam

Question #: 2
Topic #: 7

[All GH-100 Questions]

Why is a GitHub App preferred over a PAT for machine authentication?

AGitHub Apps are required to pass SAML assertions

BGitHub Apps have time-limited installation tokens with scoped access

CPATs cannot be used in GitHub Actions

DPATs support fewer GitHub APIs than Apps

Show Suggested Answer

Suggested Answer: B

GitHub Apps issue short-lived installation tokens that you scope to only the permissions and repositories your automation needs, reducing blast radius and automatically rotating credentials.

by Charlena at Aug 15, 2025, 07:55 AM

Limited Time Offer

25%

Off

Get Premium GH-100 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Jose

6 months ago

I think PATs are still useful for some cases though.

upvoted 0 times

...

Aaron

6 months ago

Totally agree, PATs are way less secure.

upvoted 0 times

...

Viva

6 months ago

GitHub Apps have scoped access, much safer!

upvoted 0 times

...

Rory

6 months ago

Wait, PATs can't be used in Actions? That's surprising!

upvoted 0 times

...

Izetta

7 months ago

GitHub Apps are definitely the way to go for better security.

upvoted 0 times

...

Dallas

7 months ago

I thought PATs could be used in GitHub Actions, but maybe they just have limitations compared to GitHub Apps?

upvoted 0 times

...

Willard

7 months ago

I practiced a question similar to this, and I think it was about how GitHub Apps can have time-limited tokens, which makes them safer than PATs.

upvoted 0 times

...

France

7 months ago

I remember something about PATs being less secure, but I can't recall if it's related to their scope or something else.

upvoted 0 times

...

Rodolfo

7 months ago

I think GitHub Apps are better because they have more controlled access, but I'm not sure about the specifics of the tokens.

upvoted 0 times

...

Tawny

8 months ago

I'm not sure about this one. I'll need to do some research on the specific use cases and advantages of GitHub Apps versus PATs.

upvoted 0 times

...

Paz

8 months ago

I've got this! GitHub Apps are preferred because they have scoped access, which is more secure than the broad permissions of a PAT.

upvoted 0 times

...

Bobbye

8 months ago

Wait, I'm a bit confused. Aren't PATs also used for machine authentication? I'll need to review the differences between the two.

upvoted 0 times

...

Irma

8 months ago

Okay, I think I know the answer to this. GitHub Apps have time-limited installation tokens, which is more secure than a PAT.

upvoted 0 times

...

Willodean

8 months ago

Hmm, this is a tricky one. I'll need to think carefully about the differences between GitHub Apps and PATs.

upvoted 0 times

...

Filiberto

9 months ago

I think a GitHub App is preferred because it has time-limited installation tokens with scoped access.

upvoted 0 times

...

Winfred

10 months ago

D) PATs support fewer GitHub APIs than Apps? That's news to me. Gotta keep up with the latest GitHub authentication trends!

upvoted 0 times

...

Elli

10 months ago

Hmm, I was leaning towards C) but B) makes a lot of sense too. Time-limited tokens are a great way to limit potential damage from compromised credentials.

upvoted 0 times

Makeda

9 months ago

I agree, having time-limited tokens adds an extra layer of security.

upvoted 0 times

...

Teresita

9 months ago

B) GitHub Apps have time-limited installation tokens with scoped access

upvoted 0 times

...

...

Wilford

10 months ago

B) GitHub Apps have time-limited installation tokens with scoped access - this is a huge security benefit over PATs!

upvoted 0 times

Mauricio

9 months ago

I agree, having time-limited tokens is much more secure.

upvoted 0 times

...

...