diff --git a/.github/workflows/renovate-bot.yml b/.github/workflows/renovate-bot.yml
index ac741ae13c..21035d348e 100644
--- a/.github/workflows/renovate-bot.yml
+++ b/.github/workflows/renovate-bot.yml
@@ -20,7 +20,7 @@ jobs:
             - name: Run Renovate
               env:
                   # RENOVATE_TOKEN should have access :read_user, api, write_repository (repo checkbox)
-                  RENOVATE_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+                  RENOVATE_TOKEN: ${{ secrets.ROBOT_PAT }}
                   RENOVATE_CONFIG_FILE: ${{ github.workspace }}/renovate-config.js
                   LOG_LEVEL: error
               run: |
diff --git a/renovate-config.js b/renovate-config.js
index 78067292ba..f6b966479c 100644
--- a/renovate-config.js
+++ b/renovate-config.js
@@ -1,14 +1,45 @@
 module.exports = {
-    extends: ["config:recommended", "group:allNonMajor"],
-    major: { dependencyDashboardApproval: true },
-    dependencyDashboard: true,
+    globalExtends: ["config:recommended"], // using this instead of "extends" solves the problem with order of the configuration
     repositories: ['zowe/api-layer'],
     baseBranches: ["v2.x.x","v3.x.x"],
+    dependencyDashboard: true,
+    packageRules: [
+        {
+            //for v2.x.x branch ignore grouping from extends preset, find all packages which are patches,
+            // slug them and make PR with name "all patch dependencies"
+            "matchBaseBranches": ["v2.x.x"],
+            "groupName": "all patch dependencies",
+            "groupSlug": "all-patch",
+            "matchPackageNames": ["*"],
+            "matchUpdateTypes": ["patch"],
+        },
+        {
+            //for v2.x.x make dashboard approval to all major and minor dependencies updates
+            "matchBaseBranches": ["v2.x.x"],
+            "matchUpdateTypes": ["major", "minor"],
+            "dependencyDashboardApproval": true,
+        },
+        {
+            //for v3.x.x branch find all packages which are minor and patches,
+            // slug them and make PR with name "all non-major dependencies"
+            "matchBaseBranches": ["v3.x.x"],
+            "groupName": "all non-major dependencies",
+            "groupSlug": "all-minor-patch",
+            "matchPackageNames": ["*"],
+            "matchUpdateTypes": ["minor", "patch"]
+        },
+        {
+            //for v3.x.x make dashboard approval to all major dependencies updates
+            "matchBaseBranches": ["v3.x.x"],
+            "matchUpdateTypes": ["major"],
+            "dependencyDashboardApproval": true,
+        }
+    ],
     printConfig: true,
-    labels: ["dependencies"],
-    dependencyDashboardLabels: ["dependencies"],
+    labels: ['dependencies'],
+    dependencyDashboardLabels: ['dependencies'],
     commitMessagePrefix: 'chore: ',
     prHourlyLimit: 0, // removes rate limit for PR creation per hour
-    npmrc: "legacy-peer-deps=true", //for updating lock-files
+    npmrc: 'legacy-peer-deps=true', //for updating lock-files
     npmrcMerge: true //be combined with a "global" npmrc
 };