What's the difference between using a PAT vs GCM?

[wAuner]

I couldn't understand the difference between the usage of a personal access token which I create manually via the web UI vs using GCM. I'm on macOS.
As far as I can tell, GCM creates a Personal Access Token itself.
Is there any difference from a security perspective between those two approaches?

[mjcheetham]

GCM creates OAuth tokens automatically when Git requires a fresh credential, and stores them in the login Keychain (for macOS). It also deals with deleting expired or revoked credentials (Git tells GCM the token is "bad").

Tokens created by GCM have the repo, gist, and workflow scopes.

Creating a PAT in the web UI and using this as the password (and using the osxkeychain credential helper) would achieve much of the same thing, but you'd need to manually generate the PAT with the correct permissions, and ensure it was up-to-date/generate new ones.