refactor: rename internal appId variable to clientId

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
feat: add client-id input and deprecate app-id
2026-03-19 23:05:19 -07:00 · 2026-03-18 20:32:46 +00:00 · 2026-03-18 20:13:20 +00:00 · 2026-03-18 20:10:08 +00:00
23 changed files with 829 additions and 1040 deletions
@@ -0,0 +1,17 @@
+name: 'Publish Immutable Action'
+
+on:
+  release:
+    types: [published]
+
+jobs:
+  publish:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      id-token: write
+      packages: write
+    steps:
+      - uses: actions/checkout@v6
+      - name: Publish Immutable Action
+        uses: actions/publish-immutable-action@v0.0.4
@@ -1,4 +1,3 @@
 .env
 coverage
 node_modules/
-.DS_Store
@@ -9,10 +9,12 @@ GitHub Action for creating a GitHub App installation access token.
 In order to use this action, you need to:

 1. [Register new GitHub App](https://docs.github.com/apps/creating-github-apps/setting-up-a-github-app/creating-a-github-app).
-2. [Store the App's Client ID in your repository variables](https://docs.github.com/actions/how-tos/write-workflows/choose-what-workflows-do/use-variables#defining-configuration-variables-for-multiple-workflows) (example: `APP_CLIENT_ID`).
-3. [Store the App's private key in your repository secrets](https://docs.github.com/actions/how-tos/write-workflows/choose-what-workflows-do/use-secrets?tool=webui#creating-secrets-for-a-repository) (example: `APP_PRIVATE_KEY`).
+2. [Store the App's Client ID in your repository environment variables](https://docs.github.com/actions/learn-github-actions/variables#defining-configuration-variables-for-multiple-workflows) (example: `APP_CLIENT_ID`).
+3. [Store the App's private key in your repository secrets](https://docs.github.com/actions/security-guides/encrypted-secrets?tool=webui#creating-encrypted-secrets-for-a-repository) (example: `PRIVATE_KEY`).

-> [!IMPORTANT]
+Pass the App's Client ID using the `client-id` input. The legacy `app-id` input remains available for compatibility, but is deprecated.
+
+> [!IMPORTANT]  
 > An installation access token expires after 1 hour. Please [see this comment](https://github.com/actions/create-github-app-token/issues/121#issuecomment-2043214796) for alternative approaches if you have long-running processes.

 ### Create a token for the current repository
@@ -32,7 +34,7 @@ jobs:
        id: app-token
        with:
          client-id: ${{ vars.APP_CLIENT_ID }}
-          private-key: ${{ secrets.APP_PRIVATE_KEY }}
+          private-key: ${{ secrets.PRIVATE_KEY }}
      - uses: ./actions/staging-tests
        with:
          token: ${{ steps.app-token.outputs.token }}
@@ -52,7 +54,7 @@ jobs:
        with:
          # required
          client-id: ${{ vars.APP_CLIENT_ID }}
-          private-key: ${{ secrets.APP_PRIVATE_KEY }}
+          private-key: ${{ secrets.PRIVATE_KEY }}
      - uses: actions/checkout@v6
        with:
          token: ${{ steps.app-token.outputs.token }}
@@ -78,7 +80,7 @@ jobs:
        with:
          # required
          client-id: ${{ vars.APP_CLIENT_ID }}
-          private-key: ${{ secrets.APP_PRIVATE_KEY }}
+          private-key: ${{ secrets.PRIVATE_KEY }}
      - name: Get GitHub App User ID
        id: get-user-id
        run: echo "user-id=$(gh api "/users/${{ steps.app-token.outputs.app-slug }}[bot]" --jq .id)" >> "$GITHUB_OUTPUT"
@@ -103,7 +105,7 @@ jobs:
        with:
          # required
          client-id: ${{ vars.APP_CLIENT_ID }}
-          private-key: ${{ secrets.APP_PRIVATE_KEY }}
+          private-key: ${{ secrets.PRIVATE_KEY }}
      - name: Get GitHub App User ID
        id: get-user-id
        run: echo "user-id=$(gh api "/users/${{ steps.app-token.outputs.app-slug }}[bot]" --jq .id)" >> "$GITHUB_OUTPUT"
@@ -139,7 +141,7 @@ jobs:
        id: app-token
        with:
          client-id: ${{ vars.APP_CLIENT_ID }}
-          private-key: ${{ secrets.APP_PRIVATE_KEY }}
+          private-key: ${{ secrets.PRIVATE_KEY }}
          owner: ${{ github.repository_owner }}
      - uses: peter-evans/create-or-update-comment@v4
        with:
@@ -161,7 +163,7 @@ jobs:
        id: app-token
        with:
          client-id: ${{ vars.APP_CLIENT_ID }}
-          private-key: ${{ secrets.APP_PRIVATE_KEY }}
+          private-key: ${{ secrets.PRIVATE_KEY }}
          owner: ${{ github.repository_owner }}
          repositories: |
            repo1
@@ -186,7 +188,7 @@ jobs:
        id: app-token
        with:
          client-id: ${{ vars.APP_CLIENT_ID }}
-          private-key: ${{ secrets.APP_PRIVATE_KEY }}
+          private-key: ${{ secrets.PRIVATE_KEY }}
          owner: another-owner
      - uses: peter-evans/create-or-update-comment@v4
        with:
@@ -195,28 +197,6 @@ jobs:
          body: "Hello, World!"
 ```

-### Create a token for an enterprise installation
-
-```yaml
-on: [workflow_dispatch]
-
-jobs:
-  hello-world:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/create-github-app-token@v3
-        id: app-token
-        with:
-          app-id: ${{ vars.APP_ID }}
-          private-key: ${{ secrets.PRIVATE_KEY }}
-          enterprise: my-enterprise-slug
-      - name: Call enterprise management REST API with gh
-        run: |
-          gh api /enterprises/my-enterprise-slug/apps/installable_organizations
-        env:
-          GH_TOKEN: ${{ steps.app-token.outputs.token }}
-```
-
 ### Create a token with specific permissions

 > [!NOTE]
@@ -233,7 +213,7 @@ jobs:
        id: app-token
        with:
          client-id: ${{ vars.APP_CLIENT_ID }}
-          private-key: ${{ secrets.APP_PRIVATE_KEY }}
+          private-key: ${{ secrets.PRIVATE_KEY }}
          owner: ${{ github.repository_owner }}
          permission-issues: write
      - uses: peter-evans/create-or-update-comment@v4
@@ -275,7 +255,7 @@ jobs:
        id: app-token
        with:
          client-id: ${{ vars.APP_CLIENT_ID }}
-          private-key: ${{ secrets.APP_PRIVATE_KEY }}
+          private-key: ${{ secrets.PRIVATE_KEY }}
          owner: ${{ matrix.owners-and-repos.owner }}
          repositories: ${{ join(matrix.owners-and-repos.repos) }}
      - uses: octokit/request-action@v2.x
@@ -333,17 +313,23 @@ If you set `HTTP_PROXY` or `HTTPS_PROXY`, also set `NODE_USE_ENV_PROXY: "1"` on
    NODE_USE_ENV_PROXY: "1"
  with:
    client-id: ${{ vars.APP_CLIENT_ID }}
-    private-key: ${{ secrets.APP_PRIVATE_KEY }}
+    private-key: ${{ secrets.PRIVATE_KEY }}
 ```

 ## Inputs

-### `client-id` or `app-id`
+### `client-id`

-**Required:** GitHub App Client ID.
+**Optional:** GitHub App Client ID. This is the recommended input.

-> [!NOTE]
-> The legacy `app-id` input is also accepted, but `client-id` is recommended.
+### `app-id`
+
+**Optional:** GitHub App ID.
+
+> [!WARNING]
+> `app-id` is deprecated. Use `client-id` instead.
+
+You must set either `client-id` or `app-id`. If both are set, `client-id` takes precedence.

 ### `private-key`

@@ -356,7 +342,7 @@ steps:
  - name: Decode the GitHub App Private Key
    id: decode
    run: |
-      private_key=$(echo "${{ secrets.APP_PRIVATE_KEY }}" | base64 -d | awk 'BEGIN {ORS="\\n"} {print}' | head -c -2) &> /dev/null
+      private_key=$(echo "${{ secrets.PRIVATE_KEY }}" | base64 -d | awk 'BEGIN {ORS="\\n"} {print}' | head -c -2) &> /dev/null
      echo "::add-mask::$private_key"
      echo "private-key=$private_key" >> "$GITHUB_OUTPUT"
  - name: Generate GitHub App Token
@@ -378,13 +364,6 @@ steps:
 > [!NOTE]
 > If `owner` is set and `repositories` is empty, access will be scoped to all repositories in the provided repository owner's installation. If `owner` and `repositories` are empty, access will be scoped to only the current repository.

-### `enterprise`
-
-**Optional:** The slug version of the enterprise name to generate a token for enterprise-level app installations.
-
-> [!NOTE]
-> The `enterprise` input is mutually exclusive with `owner` and `repositories`. GitHub Apps can be installed on enterprise accounts with permissions that let them call enterprise management APIs. Enterprise installations do not grant access to organization or repository resources.
-
 ### `permission-<permission name>`

 **Optional:** The permissions to grant to the token. By default, the token inherits all of the installation's permissions. We recommend to explicitly list the permissions that are required for a use case. This follows GitHub's own recommendation to [control permissions of `GITHUB_TOKEN` in workflows](https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/controlling-permissions-for-github_token). The documentation also lists all available permissions, just prefix the permission key with `permission-` (e.g., `pull-requests` → `permission-pull-requests`).
@@ -21,9 +21,6 @@ inputs:
  repositories:
    description: "Comma or newline-separated list of repositories to install the GitHub App on (defaults to current repository if owner is unset)"
    required: false
-  enterprise:
-    description: "The slug version of the enterprise name for enterprise-level app installations (cannot be used with 'owner' or 'repositories')"
-    required: false
  skip-token-revoke:
    description: "If true, the token will not be revoked when the current job is complete"
    required: false
@@ -38,10 +35,6 @@ inputs:
    description: "The level of permission to grant the access token for GitHub Actions workflows, workflow runs, and artifacts. Can be set to 'read' or 'write'."
  permission-administration:
    description: "The level of permission to grant the access token for repository creation, deletion, settings, teams, and collaborators creation. Can be set to 'read' or 'write'."
-  permission-artifact-metadata:
-    description: "The level of permission to grant the access token to create and retrieve build artifact metadata records. Can be set to 'read' or 'write'."
-  permission-attestations:
-    description: "The level of permission to create and retrieve the access token for repository attestations. Can be set to 'read' or 'write'."
  permission-checks:
    description: "The level of permission to grant the access token for checks on code. Can be set to 'read' or 'write'."
  permission-codespaces:
@@ -54,8 +47,6 @@ inputs:
    description: "The level of permission to grant the access token to manage Dependabot secrets. Can be set to 'read' or 'write'."
  permission-deployments:
    description: "The level of permission to grant the access token for deployments and deployment statuses. Can be set to 'read' or 'write'."
-  permission-discussions:
-    description: "The level of permission to grant the access token for discussions and related comments and labels. Can be set to 'read' or 'write'."
  permission-email-addresses:
    description: "The level of permission to grant the access token to manage the email addresses belonging to a user. Can be set to 'read' or 'write'."
  permission-enterprise-custom-properties-for-organizations:
@@ -74,8 +65,6 @@ inputs:
    description: "The level of permission to grant the access token for issues and related comments, assignees, labels, and milestones. Can be set to 'read' or 'write'."
  permission-members:
    description: "The level of permission to grant the access token for organization teams and members. Can be set to 'read' or 'write'."
-  permission-merge-queues:
-    description: "The level of permission to grant the access token to manage the merge queues for a repository. Can be set to 'read' or 'write'."
  permission-metadata:
    description: "The level of permission to grant the access token to search repositories, list collaborators, and access repository metadata. Can be set to 'read' or 'write'."
  permission-organization-administration:
@@ -23153,44 +23153,60 @@ async function pRetry(input, options = {}) {
 }

 // lib/main.js
-async function main(clientId, privateKey, enterprise, owner, repositories, permissions, core, createAppAuth2, request2, skipTokenRevoke) {
-  if (enterprise && (owner || repositories.length > 0)) {
-    throw new Error("Cannot use 'enterprise' input with 'owner' or 'repositories' inputs");
+async function main(clientId, privateKey, owner, repositories, permissions, core, createAppAuth2, request2, skipTokenRevoke) {
+  let parsedOwner = "";
+  let parsedRepositoryNames = [];
+  if (!owner && repositories.length === 0) {
+    const [owner2, repo] = String(process.env.GITHUB_REPOSITORY).split("/");
+    parsedOwner = owner2;
+    parsedRepositoryNames = [repo];
+    core.info(
+      `Inputs 'owner' and 'repositories' are not set. Creating token for this repository (${owner2}/${repo}).`
+    );
+  }
+  if (owner && repositories.length === 0) {
+    parsedOwner = owner;
+    core.info(
+      `Input 'repositories' is not set. Creating token for all repositories owned by ${owner}.`
+    );
+  }
+  if (!owner && repositories.length > 0) {
+    parsedOwner = String(process.env.GITHUB_REPOSITORY_OWNER);
+    parsedRepositoryNames = repositories;
+    core.info(
+      `No 'owner' input provided. Using default owner '${parsedOwner}' to create token for the following repositories:${repositories.map((repo) => `
+- ${parsedOwner}/${repo}`).join("")}`
+    );
+  }
+  if (owner && repositories.length > 0) {
+    parsedOwner = owner;
+    parsedRepositoryNames = repositories;
+    core.info(
+      `Inputs 'owner' and 'repositories' are set. Creating token for the following repositories:
+      ${repositories.map((repo) => `
+- ${parsedOwner}/${repo}`).join("")}`
+    );
  }
-  const target = resolveInstallationTarget(enterprise, owner, repositories, core);
  const auth5 = createAppAuth2({
    appId: clientId,
    privateKey,
    request: request2
  });
  let authentication, installationId, appSlug;
-  if (target.type === "enterprise") {
-    ({ authentication, installationId, appSlug } = await pRetry(
-      () => getTokenFromEnterprise(request2, auth5, target.enterprise, permissions),
-      {
-        shouldRetry: ({ error: error2 }) => error2.status >= 500,
-        onFailedAttempt: (context) => {
-          core.info(
-            `Failed to create token for enterprise "${target.enterprise}" (attempt ${context.attemptNumber}): ${context.error.message}`
-          );
-        },
-        retries: 3
-      }
-    ));
-  } else if (target.type === "repository") {
+  if (parsedRepositoryNames.length > 0) {
    ({ authentication, installationId, appSlug } = await pRetry(
      () => getTokenFromRepository(
        request2,
        auth5,
-        target.owner,
-        target.repositories,
+        parsedOwner,
+        parsedRepositoryNames,
        permissions
      ),
      {
        shouldRetry: ({ error: error2 }) => error2.status >= 500,
        onFailedAttempt: (context) => {
          core.info(
-            `Failed to create token for "${target.repositories.join(
+            `Failed to create token for "${parsedRepositoryNames.join(
              ","
            )}" (attempt ${context.attemptNumber}): ${context.error.message}`
          );
@@ -23200,11 +23216,11 @@ async function main(clientId, privateKey, enterprise, owner, repositories, permi
    ));
  } else {
    ({ authentication, installationId, appSlug } = await pRetry(
-      () => getTokenFromOwner(request2, auth5, target.owner, permissions),
+      () => getTokenFromOwner(request2, auth5, parsedOwner, permissions),
      {
        onFailedAttempt: (context) => {
          core.info(
-            `Failed to create token for "${target.owner}" (attempt ${context.attemptNumber}): ${context.error.message}`
+            `Failed to create token for "${parsedOwner}" (attempt ${context.attemptNumber}): ${context.error.message}`
          );
        },
        retries: 3
@@ -23220,60 +23236,6 @@ async function main(clientId, privateKey, enterprise, owner, repositories, permi
    core.saveState("expiresAt", authentication.expiresAt);
  }
 }
-function resolveInstallationTarget(enterprise, owner, repositories, core) {
-  if (enterprise) {
-    core.info(`Creating enterprise installation token for enterprise "${enterprise}".`);
-    return { type: "enterprise", enterprise };
-  }
-  if (!owner && repositories.length === 0) {
-    const [defaultOwner, repo] = String(process.env.GITHUB_REPOSITORY).split("/");
-    core.info(
-      `Inputs 'owner' and 'repositories' are not set. Creating token for this repository (${defaultOwner}/${repo}).`
-    );
-    return {
-      type: "repository",
-      owner: defaultOwner,
-      repositories: [repo]
-    };
-  }
-  if (owner && repositories.length === 0) {
-    core.info(
-      `Input 'repositories' is not set. Creating token for all repositories owned by ${owner}.`
-    );
-    return { type: "owner", owner };
-  }
-  const parsedOwner = owner || String(process.env.GITHUB_REPOSITORY_OWNER);
-  if (!owner) {
-    core.info(
-      `No 'owner' input provided. Using default owner '${parsedOwner}' to create token for the following repositories:${repositories.map((repo) => `
- ${parsedOwner}/${repo}`).join("")}`
-    );
-  } else {
-    core.info(
-      `Inputs 'owner' and 'repositories' are set. Creating token for the following repositories:
-      ${repositories.map((repo) => `
- ${parsedOwner}/${repo}`).join("")}`
-    );
-  }
-  return {
-    type: "repository",
-    owner: parsedOwner,
-    repositories
-  };
-}
-async function createInstallationAuthResult(auth5, installation, permissions, options = {}) {
-  const authentication = await auth5({
-    type: "installation",
-    installationId: installation.id,
-    permissions,
-    ...options
-  });
-  return {
-    authentication,
-    installationId: installation.id,
-    appSlug: installation["app_slug"]
-  };
-}
 async function getTokenFromOwner(request2, auth5, parsedOwner, permissions) {
  const response = await request2("GET /users/{username}/installation", {
    username: parsedOwner,
@@ -23281,7 +23243,14 @@ async function getTokenFromOwner(request2, auth5, parsedOwner, permissions) {
      hook: auth5.hook
    }
  });
-  return createInstallationAuthResult(auth5, response.data, permissions);
+  const authentication = await auth5({
+    type: "installation",
+    installationId: response.data.id,
+    permissions
+  });
+  const installationId = response.data.id;
+  const appSlug = response.data["app_slug"];
+  return { authentication, installationId, appSlug };
 }
 async function getTokenFromRepository(request2, auth5, parsedOwner, parsedRepositoryNames, permissions) {
  const response = await request2("GET /repos/{owner}/{repo}/installation", {
@@ -23291,28 +23260,15 @@ async function getTokenFromRepository(request2, auth5, parsedOwner, parsedReposi
      hook: auth5.hook
    }
  });
-  return createInstallationAuthResult(auth5, response.data, permissions, {
-    repositoryNames: parsedRepositoryNames
+  const authentication = await auth5({
+    type: "installation",
+    installationId: response.data.id,
+    repositoryNames: parsedRepositoryNames,
+    permissions
  });
-}
-async function getTokenFromEnterprise(request2, auth5, enterprise, permissions) {
-  let response;
-  try {
-    response = await request2("GET /enterprises/{enterprise}/installation", {
-      enterprise,
-      request: {
-        hook: auth5.hook
-      }
-    });
-  } catch (error2) {
-    if (error2.status === 404) {
-      throw new Error(
-        `No enterprise installation found matching the name ${enterprise}.`
-      );
-    }
-    throw error2;
-  }
-  return createInstallationAuthResult(auth5, response.data, permissions);
+  const installationId = response.data.id;
+  const appSlug = response.data["app_slug"];
+  return { authentication, installationId, appSlug };
 }

 // lib/request.js
@@ -23353,10 +23309,9 @@ async function run() {
  ensureNativeProxySupport();
  const clientId = getInput("client-id") || getInput("app-id");
  if (!clientId) {
-    throw new Error("The 'client-id' (or deprecated 'app-id') input must be set to a non-empty string. If using a secret or variable, ensure it is available in this workflow context.");
+    throw new Error("Either 'client-id' or 'app-id' input must be set");
  }
  const privateKey = getInput("private-key");
-  const enterprise = getInput("enterprise");
  const owner = getInput("owner");
  const repositories = getInput("repositories").split(/[\n,]+/).map((s) => s.trim()).filter((x) => x !== "");
  const skipTokenRevoke = getBooleanInput("skip-token-revoke");
@@ -23364,7 +23319,6 @@ async function run() {
  return main(
    clientId,
    privateKey,
-    enterprise,
    owner,
    repositories,
    permissions,
@@ -4,7 +4,6 @@ import pRetry from "p-retry";
 /**
 * @param {string} clientId
 * @param {string} privateKey
- * @param {string} enterprise
 * @param {string} owner
 * @param {string[]} repositories
 * @param {undefined | Record<string, string>} permissions
@@ -16,21 +15,59 @@ import pRetry from "p-retry";
 export async function main(
  clientId,
  privateKey,
-  enterprise,
  owner,
  repositories,
  permissions,
  core,
  createAppAuth,
  request,
-  skipTokenRevoke,
+  skipTokenRevoke
 ) {
-  // Validate mutual exclusivity of enterprise with owner/repositories
-  if (enterprise && (owner || repositories.length > 0)) {
-    throw new Error("Cannot use 'enterprise' input with 'owner' or 'repositories' inputs");
+  let parsedOwner = "";
+  let parsedRepositoryNames = [];
+
+  // If neither owner nor repositories are set, default to current repository
+  if (!owner && repositories.length === 0) {
+    const [owner, repo] = String(process.env.GITHUB_REPOSITORY).split("/");
+    parsedOwner = owner;
+    parsedRepositoryNames = [repo];
+
+    core.info(
+      `Inputs 'owner' and 'repositories' are not set. Creating token for this repository (${owner}/${repo}).`
+    );
  }

-  const target = resolveInstallationTarget(enterprise, owner, repositories, core);
+  // If only an owner is set, default to all repositories from that owner
+  if (owner && repositories.length === 0) {
+    parsedOwner = owner;
+
+    core.info(
+      `Input 'repositories' is not set. Creating token for all repositories owned by ${owner}.`
+    );
+  }
+
+  // If repositories are set, but no owner, default to `GITHUB_REPOSITORY_OWNER`
+  if (!owner && repositories.length > 0) {
+    parsedOwner = String(process.env.GITHUB_REPOSITORY_OWNER);
+    parsedRepositoryNames = repositories;
+
+    core.info(
+      `No 'owner' input provided. Using default owner '${parsedOwner}' to create token for the following repositories:${repositories
+        .map((repo) => `\n- ${parsedOwner}/${repo}`)
+        .join("")}`
+    );
+  }
+
+  // If both owner and repositories are set, use those values
+  if (owner && repositories.length > 0) {
+    parsedOwner = owner;
+    parsedRepositoryNames = repositories;
+
+    core.info(
+      `Inputs 'owner' and 'repositories' are set. Creating token for the following repositories:
+      ${repositories.map((repo) => `\n- ${parsedOwner}/${repo}`).join("")}`
+    );
+  }

  const auth = createAppAuth({
    appId: clientId,
@@ -39,35 +76,23 @@ export async function main(
  });

  let authentication, installationId, appSlug;
+  // If at least one repository is set, get installation ID from that repository

-  if (target.type === "enterprise") {
-    ({ authentication, installationId, appSlug } = await pRetry(
-      () => getTokenFromEnterprise(request, auth, target.enterprise, permissions),
-      {
-        shouldRetry: ({ error }) => error.status >= 500,
-        onFailedAttempt: (context) => {
-          core.info(
-            `Failed to create token for enterprise "${target.enterprise}" (attempt ${context.attemptNumber}): ${context.error.message}`
-          );
-        },
-        retries: 3,
-      }
-    ));
-  } else if (target.type === "repository") {
+  if (parsedRepositoryNames.length > 0) {
    ({ authentication, installationId, appSlug } = await pRetry(
      () =>
        getTokenFromRepository(
          request,
          auth,
-          target.owner,
-          target.repositories,
+          parsedOwner,
+          parsedRepositoryNames,
          permissions
        ),
      {
        shouldRetry: ({ error }) => error.status >= 500,
        onFailedAttempt: (context) => {
          core.info(
-            `Failed to create token for "${target.repositories.join(
+            `Failed to create token for "${parsedRepositoryNames.join(
              ","
            )}" (attempt ${context.attemptNumber}): ${context.error.message}`
          );
@@ -78,11 +103,11 @@ export async function main(
  } else {
    // Otherwise get the installation for the owner, which can either be an organization or a user account
    ({ authentication, installationId, appSlug } = await pRetry(
-      () => getTokenFromOwner(request, auth, target.owner, permissions),
+      () => getTokenFromOwner(request, auth, parsedOwner, permissions),
      {
        onFailedAttempt: (context) => {
          core.info(
-            `Failed to create token for "${target.owner}" (attempt ${context.attemptNumber}): ${context.error.message}`
+            `Failed to create token for "${parsedOwner}" (attempt ${context.attemptNumber}): ${context.error.message}`
          );
        },
        retries: 3,
@@ -104,76 +129,6 @@ export async function main(
  }
 }

-function resolveInstallationTarget(enterprise, owner, repositories, core) {
-  if (enterprise) {
-    core.info(`Creating enterprise installation token for enterprise "${enterprise}".`);
-    return { type: "enterprise", enterprise };
-  }
-
-  if (!owner && repositories.length === 0) {
-    const [defaultOwner, repo] = String(process.env.GITHUB_REPOSITORY).split("/");
-
-    core.info(
-      `Inputs 'owner' and 'repositories' are not set. Creating token for this repository (${defaultOwner}/${repo}).`
-    );
-
-    return {
-      type: "repository",
-      owner: defaultOwner,
-      repositories: [repo],
-    };
-  }
-
-  if (owner && repositories.length === 0) {
-    core.info(
-      `Input 'repositories' is not set. Creating token for all repositories owned by ${owner}.`
-    );
-
-    return { type: "owner", owner };
-  }
-
-  const parsedOwner = owner || String(process.env.GITHUB_REPOSITORY_OWNER);
-
-  if (!owner) {
-    core.info(
-      `No 'owner' input provided. Using default owner '${parsedOwner}' to create token for the following repositories:${repositories
-        .map((repo) => `\n- ${parsedOwner}/${repo}`)
-        .join("")}`
-    );
-  } else {
-    core.info(
-      `Inputs 'owner' and 'repositories' are set. Creating token for the following repositories:
-      ${repositories.map((repo) => `\n- ${parsedOwner}/${repo}`).join("")}`
-    );
-  }
-
-  return {
-    type: "repository",
-    owner: parsedOwner,
-    repositories,
-  };
-}
-
-async function createInstallationAuthResult(
-  auth,
-  installation,
-  permissions,
-  options = {},
-) {
-  const authentication = await auth({
-    type: "installation",
-    installationId: installation.id,
-    permissions,
-    ...options,
-  });
-
-  return {
-    authentication,
-    installationId: installation.id,
-    appSlug: installation["app_slug"],
-  };
-}
-
 async function getTokenFromOwner(request, auth, parsedOwner, permissions) {
  // https://docs.github.com/rest/apps/apps?apiVersion=2022-11-28#get-a-user-installation-for-the-authenticated-app
  // This endpoint works for both users and organizations
@@ -184,8 +139,17 @@ async function getTokenFromOwner(request, auth, parsedOwner, permissions) {
    },
  });

-  // Get token for all repositories of the given installation
-  return createInstallationAuthResult(auth, response.data, permissions);
+  // Get token for for all repositories of the given installation
+  const authentication = await auth({
+    type: "installation",
+    installationId: response.data.id,
+    permissions,
+  });
+
+  const installationId = response.data.id;
+  const appSlug = response.data["app_slug"];
+
+  return { authentication, installationId, appSlug };
 }

 async function getTokenFromRepository(
@@ -205,30 +169,15 @@ async function getTokenFromRepository(
  });

  // Get token for given repositories
-  return createInstallationAuthResult(auth, response.data, permissions, {
+  const authentication = await auth({
+    type: "installation",
+    installationId: response.data.id,
    repositoryNames: parsedRepositoryNames,
+    permissions,
  });
-}
-
-async function getTokenFromEnterprise(request, auth, enterprise, permissions) {
-  let response;
-  try {
-    response = await request("GET /enterprises/{enterprise}/installation", {
-      enterprise,
-      request: {
-        hook: auth.hook,
-      },
-    });
-  } catch (error) {
-    if (error.status === 404) {
-      throw new Error(
-        `No enterprise installation found matching the name ${enterprise}.`
-      );
-    }
-
-    throw error;
-  }
-
-  // Get token for the enterprise installation
-  return createInstallationAuthResult(auth, response.data, permissions);
+
+  const installationId = response.data.id;
+  const appSlug = response.data["app_slug"];
+
+  return { authentication, installationId, appSlug };
 }
@@ -20,10 +20,9 @@ async function run() {

  const clientId = core.getInput("client-id") || core.getInput("app-id");
  if (!clientId) {
-    throw new Error("The 'client-id' (or deprecated 'app-id') input must be set to a non-empty string. If using a secret or variable, ensure it is available in this workflow context.");
+    throw new Error("Either 'client-id' or 'app-id' input must be set");
  }
  const privateKey = core.getInput("private-key");
-  const enterprise = core.getInput("enterprise");
  const owner = core.getInput("owner");
  const repositories = core
    .getInput("repositories")
@@ -38,7 +37,6 @@ async function run() {
  return main(
    clientId,
    privateKey,
-    enterprise,
    owner,
    repositories,
    permissions,
@@ -2,7 +2,7 @@
  "name": "create-github-app-token",
  "private": true,
  "type": "module",
-  "version": "3.1.1",
+  "version": "3.0.0",
  "description": "GitHub Action for creating a GitHub App Installation Access Token",
  "engines": {
    "node": ">=24.4.0"
@@ -19,15 +19,15 @@
    "@actions/core": "^3.0.0",
    "@octokit/auth-app": "^8.2.0",
    "@octokit/request": "^10.0.8",
-    "p-retry": "^8.0.0"
+    "p-retry": "^7.1.1"
  },
  "devDependencies": {
-    "@octokit/openapi": "^22.0.0",
-    "c8": "^11.0.0",
-    "esbuild": "^0.27.4",
-    "open-cli": "^9.0.0",
-    "undici": "^7.24.6",
-    "yaml": "^2.8.3"
+    "@octokit/openapi": "^21.0.0",
+    "c8": "^10.1.3",
+    "esbuild": "^0.27.3",
+    "open-cli": "^8.0.0",
+    "undici": "^7.24.1",
+    "yaml": "^2.8.2"
  },
  "release": {
    "branches": [
@@ -19,22 +19,6 @@
        "write"
      ]
    },
-    "artifact_metadata": {
-      "type": "string",
-      "description": "The level of permission to grant the access token to create and retrieve build artifact metadata records.",
-      "enum": [
-        "read",
-        "write"
-      ]
-    },
-    "attestations": {
-      "type": "string",
-      "description": "The level of permission to create and retrieve the access token for repository attestations.",
-      "enum": [
-        "read",
-        "write"
-      ]
-    },
    "checks": {
      "type": "string",
      "description": "The level of permission to grant the access token for checks on code.",
@@ -75,14 +59,6 @@
        "write"
      ]
    },
-    "discussions": {
-      "type": "string",
-      "description": "The level of permission to grant the access token for discussions and related comments and labels.",
-      "enum": [
-        "read",
-        "write"
-      ]
-    },
    "environments": {
      "type": "string",
      "description": "The level of permission to grant the access token for managing repository environments.",
@@ -99,14 +75,6 @@
        "write"
      ]
    },
-    "merge_queues": {
-      "type": "string",
-      "description": "The level of permission to grant the access token to manage the merge queues for a repository.",
-      "enum": [
-        "read",
-        "write"
-      ]
-    },
    "metadata": {
      "type": "string",
      "description": "The level of permission to grant the access token to search repositories, list collaborators, and access repository metadata.",
@@ -32,5 +32,5 @@ node --test --test-update-snapshots tests/index.js

 We have tests both for the `main.js` and `post.js` scripts.

- If you do not expect an error, take [main-token-permissions-set.test.js](main-token-permissions-set.test.js) as a starting point.
- If your test has an expected error, take [main-missing-client-and-app-id.test.js](main-missing-client-and-app-id.test.js) as a starting point.
+- If you do not expect an error, take [main-token-permissions-set.test.js](tests/main-token-permissions-set.test.js) as a starting point.
+- If your test has an expected error, take [main-missing-client-and-app-id.test.js](tests/main-missing-client-and-app-id.test.js) as a starting point.
@@ -11,13 +11,6 @@ snapshot.setDefaultSnapshotSerializers([
  (value) => (typeof value === "string" ? value : undefined),
 ]);

-function normalizeStderr(stderr) {
-  return stderr
-    .replaceAll(/\u001B\[[0-9;]*m/g, "")
-    .replaceAll(process.cwd(), "<cwd>")
-    .replaceAll(/:\d+:\d+/g, ":<line>:<column>");
-}
-
 // Get all files in tests directory
 const files = readdirSync("tests");

@@ -46,19 +39,10 @@ for (const file of testFiles) {
      NODE_USE_ENV_PROXY,
      ...env
    } = process.env;
-    let stderr, stdout;
-    try {
-      ({ stderr, stdout } = await execFileAsync("node", [`tests/${file}`], {
-        env,
-      }));
-    } catch (error) {
-      if (!(error instanceof Error) || !("stderr" in error) || !("stdout" in error)) {
-        throw error;
-      }
-
-      ({ stderr, stdout } = error);
-    }
-    const trimmedStderr = normalizeStderr(stderr).replace(/\r?\n$/, "");
+    const { stderr, stdout } = await execFileAsync("node", [`tests/${file}`], {
+      env,
+    });
+    const trimmedStderr = stderr.replace(/\r?\n$/, "");
    const trimmedStdout = stdout.replace(/\r?\n$/, "");
    await t.test("stderr", (t) => {
      if (trimmedStderr) t.assert.snapshot(trimmedStderr);
@@ -2,24 +2,7 @@ exports[`action-deprecated-inputs.test.js > stdout 1`] = `
 app-id — Use 'client-id' instead.
 `;

-exports[`main-app-id-fallback.test.js > stdout 1`] = `
-Inputs 'owner' and 'repositories' are not set. Creating token for this repository (actions/create-github-app-token).
-::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a
-
-::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a
-
-::set-output name=installation-id::123456
-
-::set-output name=app-slug::github-actions
-::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a
-::save-state name=expiresAt::2016-07-11T22:14:10Z
--- REQUESTS ---
-GET /repos/actions/create-github-app-token/installation
-POST /app/installations/123456/access_tokens
-{"repositories":["create-github-app-token"]}
-`;
-
-exports[`main-client-id-precedence.test.js > stdout 1`] = `
+exports[`main-client-id.test.js > stdout 1`] = `
 Inputs 'owner' and 'repositories' are not set. Creating token for this repository (actions/create-github-app-token).
 ::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a

@@ -55,111 +38,17 @@ POST /api/v3/app/installations/123456/access_tokens
 {"repositories":["create-github-app-token"]}
 `;

-exports[`main-enterprise-fail-response.test.js > stdout 1`] = `
-Creating enterprise installation token for enterprise "test-enterprise".
-Failed to create token for enterprise "test-enterprise" (attempt 1): GitHub API not available
-::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a
-
-::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a
-
-::set-output name=installation-id::123456
-
-::set-output name=app-slug::github-actions
-::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a
-::save-state name=expiresAt::2016-07-11T22:14:10Z
--- REQUESTS ---
-GET /enterprises/test-enterprise/installation
-GET /enterprises/test-enterprise/installation
-POST /app/installations/123456/access_tokens
-null
-`;
-
-exports[`main-enterprise-installation-not-found.test.js > stderr 1`] = `
-Error: No enterprise installation found matching the name test-enterprise.
-    at getTokenFromEnterprise (file://<cwd>/lib/main.js:<line>:<column>)
-    at process.processTicksAndRejections (node:internal/process/task_queues:<line>:<column>)
-    at async pRetry (file://<cwd>/node_modules/p-retry/index.js:<line>:<column>)
-    at async main (file://<cwd>/lib/main.js:<line>:<column>)
-    at async test (file://<cwd>/tests/main.js:<line>:<column>)
-    at async file://<cwd>/tests/main-enterprise-installation-not-found.test.js:<line>:<column>
-`;
-
-exports[`main-enterprise-installation-not-found.test.js > stdout 1`] = `
-Creating enterprise installation token for enterprise "test-enterprise".
-Failed to create token for enterprise "test-enterprise" (attempt 1): No enterprise installation found matching the name test-enterprise.
-::error::No enterprise installation found matching the name test-enterprise.
--- REQUESTS ---
-GET /enterprises/test-enterprise/installation
-`;
-
-exports[`main-enterprise-mutual-exclusivity-owner.test.js > stderr 1`] = `
-Error: Cannot use 'enterprise' input with 'owner' or 'repositories' inputs
-    at main (file://<cwd>/lib/main.js:<line>:<column>)
-    at run (file://<cwd>/main.js:<line>:<column>)
-    at file://<cwd>/main.js:<line>:<column>
-    at ModuleJob.run (node:internal/modules/esm/module_job:<line>:<column>)
-    at async onImport.tracePromise.__proto__ (node:internal/modules/esm/loader:<line>:<column>)
-    at async file://<cwd>/tests/main-enterprise-mutual-exclusivity-owner.test.js:<line>:<column>
-`;
-
-exports[`main-enterprise-mutual-exclusivity-owner.test.js > stdout 1`] = `
-::error::Cannot use 'enterprise' input with 'owner' or 'repositories' inputs
-`;
-
-exports[`main-enterprise-mutual-exclusivity-repositories.test.js > stderr 1`] = `
-Error: Cannot use 'enterprise' input with 'owner' or 'repositories' inputs
-    at main (file://<cwd>/lib/main.js:<line>:<column>)
-    at run (file://<cwd>/main.js:<line>:<column>)
-    at file://<cwd>/main.js:<line>:<column>
-    at ModuleJob.run (node:internal/modules/esm/module_job:<line>:<column>)
-    at async onImport.tracePromise.__proto__ (node:internal/modules/esm/loader:<line>:<column>)
-    at async file://<cwd>/tests/main-enterprise-mutual-exclusivity-repositories.test.js:<line>:<column>
-`;
-
-exports[`main-enterprise-mutual-exclusivity-repositories.test.js > stdout 1`] = `
-::error::Cannot use 'enterprise' input with 'owner' or 'repositories' inputs
-`;
-
-exports[`main-enterprise-only-success.test.js > stdout 1`] = `
-Creating enterprise installation token for enterprise "test-enterprise".
-::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a
-
-::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a
-
-::set-output name=installation-id::123456
-
-::set-output name=app-slug::github-actions
-::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a
-::save-state name=expiresAt::2016-07-11T22:14:10Z
--- REQUESTS ---
-GET /enterprises/test-enterprise/installation
-POST /app/installations/123456/access_tokens
-null
-`;
-
-exports[`main-enterprise-token-with-permissions.test.js > stdout 1`] = `
-Creating enterprise installation token for enterprise "test-enterprise".
-::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a
-
-::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a
-
-::set-output name=installation-id::123456
-
-::set-output name=app-slug::github-actions
-::save-state name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a
-::save-state name=expiresAt::2016-07-11T22:14:10Z
--- REQUESTS ---
-GET /enterprises/test-enterprise/installation
-POST /app/installations/123456/access_tokens
-{"permissions":{"enterprise_organizations":"read","enterprise_people":"write"}}
-`;
-
 exports[`main-missing-client-and-app-id.test.js > stderr 1`] = `
-The 'client-id' (or deprecated 'app-id') input must be set to a non-empty string. If using a secret or variable, ensure it is available in this workflow context.
+Error: Either 'client-id' or 'app-id' input must be set
+    at run [90m(file:///home/runner/work/create-github-app-token/create-github-app-token/[39mmain.js:23:11[90m)[39m
+    at [90mfile:///home/runner/work/create-github-app-token/create-github-app-token/[39mmain.js:51:16
+[90m    at ModuleJob.run (node:internal/modules/esm/module_job:430:25)[39m
+[90m    at async onImport.tracePromise.__proto__ (node:internal/modules/esm/loader:661:26)[39m
+    at async [90mfile:///home/runner/work/create-github-app-token/create-github-app-token/[39mtests/main-missing-client-and-app-id.test.js:12:30
 `;

 exports[`main-missing-client-and-app-id.test.js > stdout 1`] = `
-::error::The 'client-id' (or deprecated 'app-id') input must be set to a non-empty string. If using a secret or variable, ensure it is available in this workflow context.
+::error::Either 'client-id' or 'app-id' input must be set
 `;

 exports[`main-missing-owner.test.js > stderr 1`] = `
@@ -1,11 +0,0 @@
-import { DEFAULT_ENV, test } from "./main.js";
-
-// Verify `main` falls back to `app-id` when `client-id` is not set
-await test(
-  () => {},
-  {
-    ...DEFAULT_ENV,
-    "INPUT_CLIENT-ID": "",
-    "INPUT_APP-ID": "123456",
-  }
-);
@@ -1,11 +1,11 @@
 import { DEFAULT_ENV, test } from "./main.js";

-// Verify `client-id` takes precedence when both `client-id` and `app-id` are set
+// Verify `main` accepts a GitHub App client ID via the `client-id` input
 await test(
  () => {},
  {
    ...DEFAULT_ENV,
    "INPUT_CLIENT-ID": "Iv1.0123456789abcdef",
-    "INPUT_APP-ID": "123456",
+    "INPUT_APP-ID": "",
  }
 );
@@ -1,39 +0,0 @@
-import { test } from "./main.js";
-
-// Verify enterprise installation lookup retries when the GitHub API returns a 500 error.
-await test((mockPool) => {
-  process.env.INPUT_ENTERPRISE = "test-enterprise";
-  delete process.env.INPUT_OWNER;
-  delete process.env.INPUT_REPOSITORIES;
-
-  const mockInstallationId = "123456";
-  const mockAppSlug = "github-actions";
-
-  mockPool
-    .intercept({
-      path: "/enterprises/test-enterprise/installation",
-      method: "GET",
-      headers: {
-        accept: "application/vnd.github.v3+json",
-        "user-agent": "actions/create-github-app-token",
-        // Intentionally omitting the `authorization` header, since JWT creation is not idempotent.
-      },
-    })
-    .reply(500, "GitHub API not available");
-
-  mockPool
-    .intercept({
-      path: "/enterprises/test-enterprise/installation",
-      method: "GET",
-      headers: {
-        accept: "application/vnd.github.v3+json",
-        "user-agent": "actions/create-github-app-token",
-        // Intentionally omitting the `authorization` header, since JWT creation is not idempotent.
-      },
-    })
-    .reply(
-      200,
-      { id: mockInstallationId, app_slug: mockAppSlug },
-      { headers: { "content-type": "application/json" } },
-    );
-});
@@ -1,25 +0,0 @@
-import { test } from "./main.js";
-
-// Verify `main` handles when no enterprise installation is found.
-await test((mockPool) => {
-  delete process.env.INPUT_OWNER;
-  delete process.env.INPUT_REPOSITORIES;
-  process.env.INPUT_ENTERPRISE = "test-enterprise";
-
-  // Mock the enterprise installation endpoint to return no matching installation
-  mockPool
-    .intercept({
-      path: "/enterprises/test-enterprise/installation",
-      method: "GET",
-      headers: {
-        accept: "application/vnd.github.v3+json",
-        "user-agent": "actions/create-github-app-token",
-        // Intentionally omitting the `authorization` header, since JWT creation is not idempotent.
-      },
-    })
-    .reply(
-      404,
-      { message: "Not Found" },
-      { headers: { "content-type": "application/json" } }
-    );
-});
@@ -1,15 +0,0 @@
-import { DEFAULT_ENV } from "./main.js";
-
-// Verify `main` exits with an error when `enterprise` is used with `owner` input.
-try {
-  // Set up environment with enterprise and owner set
-  for (const [key, value] of Object.entries(DEFAULT_ENV)) {
-    process.env[key] = value;
-  }
-  process.env.INPUT_ENTERPRISE = "test-enterprise";
-  process.env.INPUT_OWNER = "test-owner";
-  
-  await import("../main.js");
-} catch (error) {
-  console.error(error.message);
-}
@@ -1,15 +0,0 @@
-import { DEFAULT_ENV } from "./main.js";
-
-// Verify `main` exits with an error when `enterprise` is used with `repositories` input.
-try {
-  // Set up environment with enterprise and repositories set
-  for (const [key, value] of Object.entries(DEFAULT_ENV)) {
-    process.env[key] = value;
-  }
-  process.env.INPUT_ENTERPRISE = "test-enterprise";
-  process.env.INPUT_REPOSITORIES = "repo1,repo2";
-  
-  await import("../main.js");
-} catch (error) {
-  console.error(error.message);
-}
@@ -1,30 +0,0 @@
-import { test } from "./main.js";
-
-// Verify `main` successfully obtains a token when only the `enterprise` input is set.
-await test((mockPool) => {
-  process.env.INPUT_ENTERPRISE = "test-enterprise";
-  delete process.env.INPUT_OWNER;
-  delete process.env.INPUT_REPOSITORIES;
-
-  // Mock the enterprise installation endpoint
-  const mockInstallationId = "123456";
-  const mockAppSlug = "github-actions";
-  mockPool
-    .intercept({
-      path: "/enterprises/test-enterprise/installation",
-      method: "GET",
-      headers: {
-        accept: "application/vnd.github.v3+json",
-        "user-agent": "actions/create-github-app-token",
-        // Intentionally omitting the `authorization` header, since JWT creation is not idempotent.
-      },
-    })
-    .reply(
-      200,
-      {
-        id: mockInstallationId,
-        app_slug: mockAppSlug,
-      },
-      { headers: { "content-type": "application/json" } }
-    );
-});
@@ -1,32 +0,0 @@
-import { test } from "./main.js";
-
-// Verify `main` successfully generates enterprise token with specific permissions.
-await test((mockPool) => {
-  process.env.INPUT_ENTERPRISE = "test-enterprise";
-  delete process.env.INPUT_OWNER;
-  delete process.env.INPUT_REPOSITORIES;
-  process.env["INPUT_PERMISSION-ENTERPRISE-ORGANIZATIONS"] = "read";
-  process.env["INPUT_PERMISSION-ENTERPRISE-PEOPLE"] = "write";
-
-  // Mock the enterprise installation endpoint
-  const mockInstallationId = "123456";
-  const mockAppSlug = "github-actions";
-  mockPool
-    .intercept({
-      path: "/enterprises/test-enterprise/installation",
-      method: "GET",
-      headers: {
-        accept: "application/vnd.github.v3+json",
-        "user-agent": "actions/create-github-app-token",
-        // Intentionally omitting the `authorization` header, since JWT creation is not idempotent.
-      },
-    })
-    .reply(
-      200,
-      {
-        id: mockInstallationId,
-        app_slug: mockAppSlug,
-      },
-      { headers: { "content-type": "application/json" } }
-    );
-});
@@ -8,12 +8,6 @@ for (const [key, value] of Object.entries({
  process.env[key] = value;
 }

-// Log only the error message, not the full stack trace, because the stack
-// trace contains environment-specific paths and ANSI codes that differ
-// between local and CI environments.
-const _error = console.error;
-console.error = (err) => _error(err?.message ?? err);
-
 // Verify `main` exits with an error when neither `client-id` nor `app-id` is set.
 const { default: promise } = await import("../main.js");
 await promise;
@@ -9,7 +9,7 @@ export const DEFAULT_ENV = {
  // https://docs.github.com/actions/creating-actions/metadata-syntax-for-github-actions#example-specifying-inputs
  "INPUT_GITHUB-API-URL": "https://api.github.com",
  "INPUT_SKIP-TOKEN-REVOKE": "false",
-  "INPUT_CLIENT-ID": "Iv1.0123456789abcdef",
+  "INPUT_APP-ID": "123456",
  // This key is invalidated. It’s from https://github.com/octokit/auth-app.js/issues/465#issuecomment-1564998327.
  "INPUT_PRIVATE-KEY": `-----BEGIN RSA PRIVATE KEY-----
 MIIEowIBAAKCAQEA280nfuUM9w00Ib9E2rvZJ6Qu3Ua3IqR34ZlK53vn/Iobn2EL
Author	SHA1	Message	Date
Parker Brown	ea0d3155e4	refactor: rename internal appId variable to clientId Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>	2026-03-19 23:05:19 -07:00
copilot-swe-agent[bot]	37f42c53d0	feat: add client-id input and deprecate app-id Co-authored-by: parkerbxyz <17183625+parkerbxyz@users.noreply.github.com>	2026-03-18 20:32:46 +00:00
copilot-swe-agent[bot]	8204e76db8	docs: document client ID support for app-id Co-authored-by: parkerbxyz <17183625+parkerbxyz@users.noreply.github.com>	2026-03-18 20:13:20 +00:00
copilot-swe-agent[bot]	e9da44231a	Initial plan	2026-03-18 20:10:08 +00:00