This missing is a bit of a security risk as if a user creates an API key we cannot audit it and understand who performed the action within our organization. Talking to support they could not tell us which user created an API key.

A user created an API key and then we could not tell who had performed the action though it was someone who we would have allowed to do it. Were we able to tell it was them, we'd not have needed to contact support. We had to reach out to all our users and figure this out which made this action overly costly.

A separate facet to this would be the need to access this information in a log feed which could be ingested to a SIEM to allow for general ingestion and automation of alerts and actions. This along with the information associated to a key would aid tying Mailgun into broader common security practices and also allow less support questions for what may normally be a standard task.