You may be able to simplify this by using the same github connection and passing the additional scopes in the connection_scope param from the application that needs it when it makes the /authorize request.
You can read the details of this approach in this FAQ: