[FR][docs?] Support Client IDs in JWT #3213
Description
It was announced on May 1, 2024, that client IDs can now be used when making JWTs: https://github.blog/changelog/2024-05-01-github-apps-can-now-use-the-client-id-to-fetch-installation-tokens/.
Looking at https://docs.github.com/en/apps/creating-github-apps/authenticating-with-a-github-app/generating-a-json-web-token-jwt-for-a-github-app#about-json-web-tokens-jwts, it specifically calls this out, recommending that people prefer client IDs over App IDs:
The client ID or application ID of your GitHub App. This value is used to find the right public key to verify the signature of the JWT. You can find your app's IDs on the settings page for your GitHub App. Use of the client ID is recommended. For more information about navigating to the settings page for your GitHub App, see Modifying a GitHub App registration.
(emphasis mine)
The GH App settings interface in the UI (https://github.com/organizations/<org>/settings/apps/<app>) also has this hint:
Using your App ID to get installation tokens? You can now use your Client ID instead.
The current implementation hardcoded the use of App IDs (also in a way that violates the JWT spec — #3214 / jpadilla/pyjwt#1039).