diff --git a/content/authentication/keeping-your-account-and-data-secure/reviewing-your-security-log.md b/content/authentication/keeping-your-account-and-data-secure/reviewing-your-security-log.md
index c98b326756..f7d1ea471e 100644
--- a/content/authentication/keeping-your-account-and-data-secure/reviewing-your-security-log.md
+++ b/content/authentication/keeping-your-account-and-data-secure/reviewing-your-security-log.md
@@ -36,8 +36,9 @@ The events listed in your security log are triggered by your actions. Actions ar
 | `billing` | Contains all activities related to your billing information.
 | `codespaces` | Contains all activities related to {% data variables.product.prodname_github_codespaces %}. For more information, see "[AUTOTITLE](/codespaces/overview)."
 | `marketplace_agreement_signature` | Contains all activities related to signing the {% data variables.product.prodname_marketplace %} Developer Agreement.
-| `marketplace_listing`| Contains all activities related to listing apps in {% data variables.product.prodname_marketplace %}.{% endif %}
-| `oauth_access` | Contains all activities related to {% data variables.product.prodname_oauth_apps %} you've connected with. For more information, see "[AUTOTITLE](/apps/oauth-apps/using-oauth-apps/authorizing-oauth-apps)."{% ifversion passkeys %}
+| `marketplace_listing`| Contains all activities related to listing apps in {% data variables.product.prodname_marketplace %}.{% endif %}{% ifversion security-log-oauth-access-tokens %}
+| `oauth_access` | Contains all activities related to OAuth access tokens.{% endif %}
+| `oauth_authorization` | Contains all activities related to authorizing {% data variables.product.prodname_oauth_apps %}. For more information, see "[AUTOTITLE](/apps/oauth-apps/using-oauth-apps/authorizing-oauth-apps)."{% ifversion passkeys %}
 | `passkey` | Contains activities related to your passkeys. For more information, see "[AUTOTITLE](/authentication/authenticating-with-a-passkey/about-passkeys)."{% endif %}{% ifversion fpt or ghec %}
 | `payment_method` | Contains all activities related to paying for your {% data variables.product.prodname_dotcom %} subscription.{% endif %}{% ifversion pat-v2%}
 | `personal_access_token` | Contains activities related to {% data variables.product.pat_v2 %}s. For more information, see "[AUTOTITLE](/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token)."{% endif %}
diff --git a/content/authentication/keeping-your-account-and-data-secure/security-log-events.md b/content/authentication/keeping-your-account-and-data-secure/security-log-events.md
index 6ae725cc4a..b676172d90 100644
--- a/content/authentication/keeping-your-account-and-data-secure/security-log-events.md
+++ b/content/authentication/keeping-your-account-and-data-secure/security-log-events.md
@@ -52,14 +52,25 @@ topics:
 | `redraft` | Triggered when your listing is sent back to draft state.
 | `reject` | Triggered when your listing is not accepted for inclusion in {% data variables.product.prodname_marketplace %}.
 
+{% endif %}{% ifversion security-log-oauth-access-tokens %}
+
+## `oauth_access` category actions
+
+| Action | Description
+|------------------|-------------------
+| `create` | Triggered when you create a new OAuth access token.
+| `destroy` | Triggered when you delete an OAuth access token.
+| `regenerate` | Triggered when you regenerate an OAuth access token.
+| `update` | Triggered when you update an OAuth access token.
+
 {% endif %}
 
 ## `oauth_authorization` category actions
 
 | Action | Description
 |------------------|-------------------
-| `create` | Triggered when you [grant access to an {% data variables.product.prodname_oauth_app %}](/apps/oauth-apps/using-oauth-apps/authorizing-oauth-apps).
-| `destroy` | Triggered when you [revoke an {% data variables.product.prodname_oauth_app %}'s access to your account](/apps/using-github-apps/reviewing-your-authorized-integrations) and when [authorizations are revoked or expire](/authentication/keeping-your-account-and-data-secure/token-expiration-and-revocation).
+| `create` | Triggered when you grant access to an {% data variables.product.prodname_oauth_app %}. For more information, see "[AUTOTITLE](/apps/oauth-apps/using-oauth-apps/authorizing-oauth-apps)."
+| `destroy` | Triggered when you revoke an {% data variables.product.prodname_oauth_app %}'s access to your account, and when authorizations are revoked or expired. For more information, see "[AUTOTITLE](/apps/using-github-apps/reviewing-your-authorized-integrations)," and "[AUTOTITLE](/authentication/keeping-your-account-and-data-secure/token-expiration-and-revocation)."
 
 {% ifversion passkeys %}
 
diff --git a/data/features/security-log-oauth-access-tokens.yml b/data/features/security-log-oauth-access-tokens.yml
new file mode 100644
index 0000000000..5a8ffd80fd
--- /dev/null
+++ b/data/features/security-log-oauth-access-tokens.yml
@@ -0,0 +1,6 @@
+# Reference: #10912
+# Documentation for security log events for OAuth access tokens.
+versions:
+  fpt: '*'
+  ghec: '*'
+  ghes: '> 3.9'