/// <summary>
        /// Gets cert, signs jwt token and generates an installation token for msgraph installation instance
        /// </summary>
        /// <returns>installation token</returns>
        internal async Task <string> GetGithubAppToken()
        {
            if (!string.IsNullOrEmpty(_configuration[Constants.GitHubToken]))
            {
                return(_configuration[Constants.GitHubToken]);
            }
            if (_cache.TryGetValue(Constants.GitHubToken, out string token))
            {
                return(token);
            }
            var KeyIdentifier = _configuration[Constants.KeyIdentifier];

            //create azurekeyvault client
            var client            = GetAzureKeyVaultClient();
            var certificateBundle = await client.GetSecretAsync(KeyIdentifier);

            //insert missing newlines that cause a problem on reading the certificate
            var sections = certificateBundle.Value.Split("-----BEGIN RSA PRIVATE KEY-----", StringSplitOptions.RemoveEmptyEntries);

            sections = sections[0].Split("-----END RSA PRIVATE KEY-----", StringSplitOptions.RemoveEmptyEntries);

            //insert missing newlines that cause a problem on reading the certificate
            string key = "-----BEGIN RSA PRIVATE KEY-----\r\n" + sections[0] + "\r\n-----END RSA PRIVATE KEY-----";

            var utcNow  = DateTime.UtcNow;
            var payload = new Dictionary <string, object>
            {
                { "iat", ToUtcSeconds(utcNow) },
                { "exp", ToUtcSeconds(utcNow.AddSeconds(600)) },
                { "iss", 62050 }
            };

            var jwtToken = JWTHelper.CreateEncodedJwtToken(key, payload);

            // Pass the JWT as a Bearer token to Octokit.net
            var appClient = new GitHubClient(new ProductHeaderValue(_configuration.GetValue <string>("product")))
            {
                Credentials = new Credentials(jwtToken, AuthenticationType.Bearer)
            };

            // Get a list of installations for the authenticated GitHubApp and installationID for microsoftgraph
            var installations = await appClient.GitHubApps.GetAllInstallationsForCurrent();

            var id = installations.Where(installation => installation.Account.Login == "microsoftgraph").FirstOrDefault().Id;

            // Create an Installation token for the microsoftgraph installation instance
            var response = await appClient.GitHubApps.CreateInstallationToken(id);

            token = response.Token;

            //set cache to expire at the same time as the token
            var cacheEntryOptions = new MemoryCacheEntryOptions().SetAbsoluteExpiration(response.ExpiresAt);

            _cache.Set(Constants.GitHubToken, token, cacheEntryOptions);

            return(token);
        }