ACCORDING to StepSecurity, Apps & PATs offers centralized visibility into GitHub Apps and both fine-grained and classic Personal Access Tokens across all your organisations in a single dashboard. The feature introduces a real-time dashboard that shows all applications installed across an organisation, with granular permissions colour-coded by risk level and details on installation scope and subscribable events.
It also provides fine-grained PAT data, including token owner, unique identifier, specific permissions, repository access scope, creation and expiration timestamps, last-used data, and active status monitoring, alongside classic PATs with token owner, credential identifier, authorized scopes, authorization timestamp, and quick identification via the final eight characters.
The solution is pitched as particularly useful for enterprises managing multiple GitHub organisations, enabling cross-organisation visibility, policy enforcement, and faster identification of anomalies. Apps & PATs is available now for Enterprise tier customers, with further guidance in the documentation and an interactive demo, as highlighted in posts dating 29 January 2026, 27 January 2026, and 20 January 2026.