Add Group SAML activities to Group Audit Events

Problem to solve

Audit Events are a useful way to view GitLab activity, but most of them are instance-level only and stashed away in the admin panel. With the introduction of Group SAML, we should include these events in the audit log for the group.

Proposal

Log Group SAML activity in Audit Events for the group.

What does success look like, and how can we measure that?

Successful and failed logins via SAML are logged in Audit Events at the namespace level.

Implementation plan

Find entry point for SAML success and failure login
Inject audit event service for those points
Add SAML success and failure to documentation for group-level audit events

Potential obstacles

Setting up SAML on GDK can be tricky, but completely doable.

Links / references

Edited Sep 16, 2021 by Dennis Tang