diff --git a/src/ldap.js b/src/ldap.js
index 2dc5490a0..b8623384a 100644
--- a/src/ldap.js
+++ b/src/ldap.js
@@ -410,7 +410,7 @@ function authorizeUserForApp(req, res, next) {
             // we return no such object, to avoid leakage of a users existence
             if (!result) return next(new ldap.NoSuchObjectError(req.dn.toString()));
 
-            eventlog.add(eventlog.ACTION_USER_LOGIN, { authType: 'ldap', appId: app.id }, { userId: req.user.id, user: user.removePrivateFields(req.user) });
+            eventlog.add(eventlog.ACTION_USER_LOGIN, { authType: 'ldap', appId: app.id, app: app }, { userId: req.user.id, user: user.removePrivateFields(req.user) });
 
             res.end();
         });
diff --git a/src/routes/oauth2.js b/src/routes/oauth2.js
index 126bbc804..1f9121d1d 100644
--- a/src/routes/oauth2.js
+++ b/src/routes/oauth2.js
@@ -26,9 +26,10 @@ var apps = require('../apps'),
     util = require('util'),
     _ = require('underscore');
 
-function auditSource(req, appId) {
+// appObject is optional here
+function auditSource(req, appId, appObject) {
     var ip = req.headers['x-forwarded-for'] || req.connection.remoteAddress || null;
-    return { authType: 'oauth', ip: ip, appId: appId };
+    return { authType: 'oauth', ip: ip, appId: appId, app: appObject };
 }
 
 // create OAuth 2.0 server
@@ -458,7 +459,7 @@ var authorization = [
                 if (error) return sendError(req, res, 'Internal error');
                 if (!access) return sendErrorPageOrRedirect(req, res, 'No access to this app.');
 
-                eventlog.add(eventlog.ACTION_USER_LOGIN, auditSource(req, appObject.id), { userId: req.oauth2.user.id, user: user.removePrivateFields(req.oauth2.user) });
+                eventlog.add(eventlog.ACTION_USER_LOGIN, auditSource(req, appObject.id, appObject), { userId: req.oauth2.user.id, user: user.removePrivateFields(req.oauth2.user) });
 
                 next();
             });