Best Authorization strategy when using Cloud Microservices to access GitHub API endpoints

Hello,

We are developing an Azure API (microservice) that will integrate with our GitHub Enterprise instance.
There are two main capabilities

  1. Consumes the webhook payload
  2. Calls v3 of the API to get repository content files that have been modified

We are trying to understand what is the best Authorization option to use.

  1. OAuth App - documentation mentions its best for Web Apps
  2. GitHub App
  3. PAT - this seems like it’s only for Testing purposes

Please advise!