diff --git a/dashboard/src/js/client.js b/dashboard/src/js/client.js
index de3016805..099e2fa7d 100644
--- a/dashboard/src/js/client.js
+++ b/dashboard/src/js/client.js
@@ -3829,7 +3829,8 @@ angular.module('Application').service('Client', ['$http', '$interval', '$timeout
             return 'Apps of ' + data.oldOwnerId + ' was transferred to ' + data.newOwnerId;
 
         case ACTION_USER_LOGIN:
-            return 'User ' + (data.user ? data.user.username : data.userId) + ' logged in';
+            app = this.getCachedAppSync(data.appId);
+            return 'User ' + (data.user ? data.user.username : data.userId) + ' logged in to ' + (app ? app.fqdn : data.appId);
 
         case ACTION_USER_LOGIN_GHOST:
             return 'User ' + (data.user ? data.user.username : data.userId) + ' was impersonated';
diff --git a/src/oidc.js b/src/oidc.js
index 48634032e..47210637d 100644
--- a/src/oidc.js
+++ b/src/oidc.js
@@ -531,7 +531,7 @@ function interactionLogin(provider) {
         const [interactionFinishError, redirectTo] = await safe(provider.interactionResult(req, res, result));
         if (interactionFinishError) return next(new HttpError(500, interactionFinishError));
 
-        await eventlog.add(user.ghost ? eventlog.ACTION_USER_LOGIN_GHOST : eventlog.ACTION_USER_LOGIN, auditSource, { userId: user.id, user: users.removePrivateFields(user) });
+        await eventlog.add(user.ghost ? eventlog.ACTION_USER_LOGIN_GHOST : eventlog.ACTION_USER_LOGIN, auditSource, { userId: user.id, user: users.removePrivateFields(user), appId: clientId });
         if (!user.ghost) safe(users.notifyLoginLocation(user, ip, userAgent, auditSource), { debug });
 
         // debug(`route interaction login post result redirectTo:${redirectTo}`);