Log Token Creation in User Activity
Proposal
Currently when a user creates a project application token that activity is not logged into the user's activity feed.
Recently I created an application token in one project and closed the browser tab. Unable to recall which project the token was created in (currently a member of 200+ projects) I searched my activity feed where I did not see any administrative activity. Since I had the token I used the user API endpoint to locate the project and revoke the token.
curl --header "PRIVATE-TOKEN: glpat-[token value]" "https://gitlab.com/api/v4/user"
For security purposes it would be great to log admin actions to my activity feed to ensure I was the one making the changes. Also would save time in when an action was erroneous.
When a PAT is created, adding the project change or modification to that activity log of the user who took the action would add clarity to their administrative actions. This is valuable for access provisioning actions such as token creation.