<!-- Audit event documentation: See https://docs.gitlab.com/ee/administration/audit_events.html --> <!-- Streaming audit event documentation: See https://docs.gitlab.com/ee/administration/audit_event_streaming.html --> ## Audit need Currently, when a user adds/removes an [OAuth application](https://docs.gitlab.com/ee/integration/oauth_provider.html#create-a-user-owned-application), no audit event is generated. This event is important for security team to monitor the OAuth applications authorised by user on a specific gitlab instance. ## Proposal When user successfully authorise an OAuth application, then add an event saying `User authorised an OAuth application` along with the application id. Details that could be added to the event: - IP address - Author - Application ID - user-id We have recently added [an MR](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/177428) to log this event in the `production_json.log` file. ### Streaming-only event or normal event? It could be a normal event as the volume won't be too much.