Add audit events for external/internal user status change
Release notes
Problem to solve
Currently, GitLab does not generate audit events when a user's external/internal status is changed. This creates a gap in audit trails that makes it difficult for administrators to track when users gain or lose access to internal projects and features. Organizations need to monitor these changes for:
Security compliance requirements Troubleshooting access issues Understanding permission escalations Meeting audit requirements
Without audit events for external/internal status changes, administrators have no way to track when these critical permission changes occur, who made them, or when they happened.
Proposal
Add audit events that are generated when:
A user is changed from external to internal status A user is changed from internal to external status
The audit events should include:
User being modified (target) Admin user making the change (author) Timestamp of the change Previous status (external/internal) New status (external/internal) Method of change (admin panel, API, SAML sync, etc.)
This would align with existing audit events for other user modifications like role changes, account activation/deactivation, and group membership changes.
Intended users
Feature Usage Metrics
Does this feature require an audit event?
Yes, this feature request is specifically about adding audit events for external/internal user status changes. The feature itself would create new audit events in the system.