diff --git a/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/DefaultStrolchPrivilegeHandler.java b/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/DefaultStrolchPrivilegeHandler.java
index 2772e87e2..3c8cc3438 100644
--- a/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/DefaultStrolchPrivilegeHandler.java
+++ b/li.strolch.agent/src/main/java/li/strolch/runtime/privilege/DefaultStrolchPrivilegeHandler.java
@@ -22,7 +22,11 @@ import java.util.Map;
 
 import li.strolch.agent.api.ComponentContainer;
 import li.strolch.agent.api.StrolchComponent;
+import li.strolch.agent.api.StrolchRealm;
 import li.strolch.exception.StrolchException;
+import li.strolch.model.audit.AccessType;
+import li.strolch.model.audit.Audit;
+import li.strolch.persistence.api.StrolchTransaction;
 import li.strolch.runtime.configuration.ComponentConfiguration;
 import li.strolch.runtime.configuration.RuntimeConfiguration;
 import ch.eitchnet.privilege.base.AccessDeniedException;
@@ -110,7 +114,15 @@ public class DefaultStrolchPrivilegeHandler extends StrolchComponent implements
 	public Certificate authenticate(String username, byte[] password) {
 		assertContainerStarted();
 		try {
-			return this.privilegeHandler.authenticate(username, password);
+			Certificate certificate = this.privilegeHandler.authenticate(username, password);
+			StrolchRealm realm = getContainer().getRealm(certificate);
+			try (StrolchTransaction tx = realm.openTx(certificate, getClass())) {
+				tx.setSuppressDoNothingLogging(true);
+				tx.setSuppressAudits(true);
+				Audit audit = tx.auditFrom(AccessType.CREATE, Certificate.class.getSimpleName(), username);
+				tx.getAuditTrail().add(tx, audit);
+			}
+			return certificate;
 		} catch (AccessDeniedException e) {
 			throw new StrolchException("Authentication credentials are invalid", e); //$NON-NLS-1$
 		}
@@ -131,7 +143,15 @@ public class DefaultStrolchPrivilegeHandler extends StrolchComponent implements
 	@Override
 	public boolean invalidateSession(Certificate certificate) {
 		assertContainerStarted();
-		return this.privilegeHandler.invalidateSession(certificate);
+		boolean invalidateSession = this.privilegeHandler.invalidateSession(certificate);
+		StrolchRealm realm = getContainer().getRealm(certificate);
+		try (StrolchTransaction tx = realm.openTx(certificate, getClass())) {
+			tx.setSuppressDoNothingLogging(true);
+			tx.setSuppressAudits(true);
+			Audit audit = tx.auditFrom(AccessType.DELETE, Certificate.class.getSimpleName(), certificate.getUsername());
+			tx.getAuditTrail().add(tx, audit);
+		}
+		return invalidateSession;
 	}
 
 	@Override