diff --git a/config/audit_events/types/oauth_application_created.yml b/config/audit_events/types/oauth_application_created.yml
new file mode 100644
index 0000000000000000000000000000000000000000..b4b8b1deb43bb4a765647ccd95b9744882dae67b
--- /dev/null
+++ b/config/audit_events/types/oauth_application_created.yml
@@ -0,0 +1,10 @@
+---
+name: oauth_application_created
+description: User creates an OAuth application
+introduced_by_issue: https://gitlab.com/gitlab-org/gitlab/-/issues/550321
+introduced_by_mr: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/194557
+feature_category: authorization
+milestone: '18.2'
+saved_to_database: true
+streamed: true
+scope: [User]
diff --git a/doc/user/compliance/audit_event_types.md b/doc/user/compliance/audit_event_types.md
index 90ecb8469049b5989609aa38418b8d417d68b1c8..a8e973448ebfa26860ed9f71c493cc56b269d441 100644
--- a/doc/user/compliance/audit_event_types.md
+++ b/doc/user/compliance/audit_event_types.md
@@ -103,6 +103,7 @@ Audit event types belong to the following product categories.
 | Type name | Event triggered when | Saved to database | Introduced in | Scope |
 |:----------|:---------------------|:------------------|:--------------|:------|
+| [`oauth_application_created`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/194557) | User creates an OAuth application | {{< icon name="check-circle" >}} Yes | GitLab [18.2](https://gitlab.com/gitlab-org/gitlab/-/issues/550321) | User |
 | [`secure_ci_job_token_policies_updated`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/170930) | Permissions are updated for a CI_JOB_TOKEN scope | {{< icon name="check-circle" >}} Yes | GitLab [17.6](https://gitlab.com/gitlab-org/gitlab/-/issues/495144) | Project |
 | [`user_authorized_oauth_application`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/179187) | User authorized an OAuth application | {{< icon name="check-circle" >}} Yes | GitLab [17.9](https://gitlab.com/gitlab-org/gitlab/-/issues/514152) | User |
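Review bot: `scope: [User]` in the new type definition does not match how the event is emitted: `ee/app/services/ee/applications/create_service.rb` in this same MR passes `scope: entity` with `entity = application.owner || current_user`, and the spec expects `entity_type` to be `Group` for group-owned applications. I cannot tell from this diff whether the `scope` key is enforced by the auditor or by streaming-destination filtering, or whether it is documentation only; in the first case group-scoped events could be rejected or misrouted, and in the second the declaration and the generated row in `doc/user/compliance/audit_event_types.md` (Scope "User") understate where the event appears. I would declare `scope: [User, Group]` (or whatever list the type schema accepts for group-owned applications) and regenerate the docs row so the declared scope matches the code.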
diff --git a/ee/app/services/ee/applications/create_service.rb b/ee/app/services/ee/applications/create_service.rb
index 1c4f10f633c5cb7a9cafbceb867cb16dd89734ce..4b6b5a56c075c57b6b76c7a70471504aa9d01f52 100644
--- a/ee/app/services/ee/applications/create_service.rb
+++ b/ee/app/services/ee/applications/create_service.rb
@@ -24,17 +24,29 @@ def disable_ropc_available?
 override :execute
 def execute(request)
 super.tap do |application|
- entity = application.owner || current_user
- audit_event_service(entity, request.remote_ip).for_user(full_path: application.name, entity_id: application.id).security_event
+ audit_oauth_application_creation(application, request.remote_ip)
 end
 end
- def audit_event_service(entity, ip_address)
- ::AuditEventService.new(current_user,
- entity,
- action: :custom,
- custom_message: 'OAuth application added',
- ip_address: ip_address)
+ private
+
+ def audit_oauth_application_creation(application, ip_address)
+ entity = application.owner || current_user
+
+ ::Gitlab::Audit::Auditor.audit(
+ name: 'oauth_application_created',
+ author: current_user,
+ scope: entity,
+ target: application,
+ message: 'OAuth application added',
+ additional_details: {
+ application_name: application.name,
+ application_id: application.id,
+ scopes: application.scopes.to_a,
+ redirect_uri: application.redirect_uri[0, 100]
+ },
+ ip_address: ip_address
+ )
 end
 end
 end
diff --git a/ee/spec/services/applications/create_service_spec.rb b/ee/spec/services/applications/create_service_spec.rb
index 21978de674b6f4a4fb5d4499a126a66792f1bde5..aedc932e8b9764299a8ea54aaa073c0cc8311e4e 100644
--- a/ee/spec/services/applications/create_service_spec.rb
+++ b/ee/spec/services/applications/create_service_spec.rb
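Review bot: `redirect_uri: application.redirect_uri[0, 100]` in `audit_oauth_application_creation` silently truncates the most security-relevant attribute of an OAuth client before it reaches the audit record, so someone reviewing the log cannot see whether an unexpected URI was registered past the 100th character (Doorkeeper keeps several registered URIs in this one column, newline-separated, so a benign first entry can hide everything after it). If a size cap on `additional_details` is the motivation, make the truncation visible rather than implicit, e.g. `redirect_uri: application.redirect_uri[0, 100], redirect_uri_truncated: application.redirect_uri.length > 100`, or store a digest of the full value alongside the prefix. Recording the client type (`confidential: application.confidential`, if the model exposes it here — not visible in this hunk) would also make the event useful for later review, since public vs confidential is part of what the event exists to capture. Separately, `super.tap` audits whatever `super` returns, so if the create does not persist the record an "OAuth application added" event with a nil `application_id` is still emitted; this predates the change, but a `return unless application.persisted?` guard at the top of the new method is cheap. The class header and `disable_ropc_available?` lie outside the hunk.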
@@ -9,11 +9,11 @@
 let_it_be(:user) { create(:user) }
 let(:group) { create(:group) }
- let(:params) { attributes_for(:application, scopes: ['read_user']) }
+ let(:params) { attributes_for(:application, scopes: %w[read_user]) }
 subject(:service) { described_class.new(user, params) }
- describe '#audit_event_service' do
+ describe '#audit_oauth_application_creation' do
 where(:case_name, :owner, :entity_type) do
 'instance application' | nil | 'User'
 'group application' | ref(:group) | 'Group'
@@ -26,11 +26,45 @@
 params[:owner] = owner
 end
+ it 'creates audit event with correct parameters' do
+ expect(::Gitlab::Audit::Auditor).to receive(:audit).with(
+ name: 'oauth_application_created',
+ author: user,
+ scope: owner || user,
+ target: instance_of(::Doorkeeper::Application),
+ message: 'OAuth application added',
+ additional_details: hash_including(
+ application_name: anything,
+ application_id: anything,
+ scopes: %w[read_user]
+ ),
+ ip_address: test_request.remote_ip
+ )
+
+ service.execute(test_request)
+ end
+
 it 'creates AuditEvent with correct entity type' do
- expect { subject.execute(test_request) }.to change(AuditEvent, :count).by(1)
+ expect { service.execute(test_request) }.to change(AuditEvent, :count).by(1)
 expect(AuditEvent.last.entity_type).to eq(entity_type)
 end
 end
+
+ context 'when application has multiple scopes' do
+ let(:params) { attributes_for(:application, scopes: %w[api read_user read_repository]) }
+
+ it 'includes all scopes in audit details' do
+ expect(::Gitlab::Audit::Auditor).to receive(:audit).with(
+ hash_including(
+ additional_details: hash_including(
+ scopes: %w[api read_user read_repository]
+ )
+ )
+ )
+
+ service.execute(test_request)
+ end
+ end
 end
 context 'for ROPC' do
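Review bot: Neither new example in the second hunk asserts `redirect_uri`, which is the one detail the service post-processes (`application.redirect_uri[0, 100]`), so the truncation has no coverage; `'creates audit event with correct parameters'` should add `redirect_uri: params[:redirect_uri]` to its `hash_including` (assuming the factory sets one), and a case with a URI longer than 100 characters should pin the expected prefix. Both `receive(:audit).with(...)` expectations replace the real auditor without `.and_call_original`, so `'creates AuditEvent with correct entity type'` is the only example that persists anything — and for the `Group` row it is the only place the new YAML's `scope: [User]` declaration meets a group scope, which is the first thing to check if that row fails. The enclosing `describe` and the `test_request` definition start outside this hunk.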