Understanding GitHub Apps authentication

Hello GitHub Community,
I am trying to understand how GitHub App authentication works and why I am seeing HTTP/2 401
“Bad credentials” on some but not all api functions.

I have setup an app, installed it to all my repositories, and have the appId and the secret key available. I create the JWT with the ruby example code from this guide:

Then I am trying to get all repos of an organization. Without JWT Token I get the public repos, with JWT token attached I get the error:

curl -i -H "Authorization: Bearer $JWT_TOKEN" \
  -H "Accept: application/vnd.github.v3+json" \

Error message:

HTTP/2 401 
server: GitHub.com
date: Wed, 20 Oct 2021 11:26:23 GMT
content-type: application/json; charset=utf-8
content-length: 90
x-github-media-type: github.v3; format=json
  "message": "Bad credentials",
  "documentation_url": "https://docs.github.com/rest"

However if I use the same syntax with this API method, I get valid data back with HTTP/2 200 response:

curl -i -H "Authorization: Bearer $JWT_TOKEN" \
  -H "Accept: application/vnd.github.v3+json" \

Both API methods are listed as “Works with GitHub Apps” in the REST reference page:

Long term goal is to create a GitHub App that retrieves the clone URL for all repositories in . If you know code snippets or open source projects as a starting point, this is welcome too.

Thanks, Martin

I’m new here so bare with me. The Android App stopped working to authenticate me. On github I do see a number to confirm be the Github Android App says numb.

Was 2FA using GitHub App discontinued?