Add audit events for Duo Workflow interactions

Problem

Our short-term implementation in #467160 (closed) did not include identifying Duo Workflow in audit events. This is needed to make it transparent to customers when an action was taken by Duo Workflow vs. the actual user.

Desired Outcome

Actions taken by duo workflow are clearly identifiable via audit events.

Proposed Solution

Originally proposed in #467160 (closed):

When actions are taken by a token with the ai_workflows scope, an audit event is emitted. Similar to how we audit impersonation actions.