diff --git a/authentik/providers/oauth2/models.py b/authentik/providers/oauth2/models.py
index 6d481e6e7..b44638b00 100644
--- a/authentik/providers/oauth2/models.py
+++ b/authentik/providers/oauth2/models.py
@@ -230,6 +230,11 @@ class OAuth2Provider(Provider):
             # if the user selected RS256 but didn't select a
             # CertificateKeyPair, we fall back to HS256
             if not self.rsa_key:
+                Event.new(
+                    EventAction.CONFIGURATION_ERROR,
+                    provider=self,
+                    message="Provider was configured for RS256, but no key was selected.",
+                ).save()
                 self.jwt_alg = JWTAlgorithms.HS256
                 self.save()
             else:
diff --git a/authentik/providers/oauth2/views/authorize.py b/authentik/providers/oauth2/views/authorize.py
index e61f45018..8a2056c82 100644
--- a/authentik/providers/oauth2/views/authorize.py
+++ b/authentik/providers/oauth2/views/authorize.py
@@ -153,6 +153,13 @@ class OAuthAuthorizationParams:
         if self.redirect_uri.lower() not in [
             x.lower() for x in self.provider.redirect_uris.split()
         ]:
+            Event.new(
+                EventAction.CONFIGURATION_ERROR,
+                provider=self.provider,
+                message="Invalid redirect URI was used.",
+                client_used=self.redirect_uri,
+                configured=self.provider.redirect_uris.split(),
+            ).save()
             LOGGER.warning(
                 "Invalid redirect uri",
                 redirect_uri=self.redirect_uri,
diff --git a/authentik/providers/saml/views.py b/authentik/providers/saml/views.py
index 7e1dbb204..e97410de7 100644
--- a/authentik/providers/saml/views.py
+++ b/authentik/providers/saml/views.py
@@ -115,6 +115,11 @@ class SAMLSSOBindingRedirectView(SAMLSSOView):
             )
             self.request.session[SESSION_KEY_AUTH_N_REQUEST] = auth_n_request
         except CannotHandleAssertion as exc:
+            Event.new(
+                EventAction.CONFIGURATION_ERROR,
+                provider=self.provider,
+                message=str(exc),
+            ).save()
             LOGGER.info(exc)
             return bad_request_message(self.request, str(exc))
         return None
diff --git a/swagger.yaml b/swagger.yaml
index 306362579..35ab9c741 100755
--- a/swagger.yaml
+++ b/swagger.yaml
@@ -7011,6 +7011,7 @@ definitions:
           - policy_execution
           - policy_exception
           - property_mapping_exception
+          - configuration_error
           - model_created
           - model_updated
           - model_deleted