Enterprise and organizations administrators can now create personal access tokens (classic) and OAuth apps with the
read:audit_log scope to access the Audit Log REST API.
Why is this important? Stolen and compromised credentials are the number one cause of data breaches across the industry. To mitigate the risk of compromised credentials, GitHub recommends adhering to the principle of least privilege which promotes "giving a user account or process only those privileges which are essential to perform its intended function." The new scope will enable access to the audit log endpoints, without requiring full administrative privileges.
This feature is generally available for GitHub Enterprise Cloud customers, and will be released to GitHub Enterprise Server in version 3.8. To learn more, read our documentation on using the audit log API for your enterprise.