The only way to tell when new access tokens are added is to periodically run a manual audit.
It would be helpful if all the people in the admin group could receive an email when a new token is added, so we can quickly detect any unexpected issuance.
Rob W
Thanks for the suggestion! We will take this into consideration as part of a wider set of security enablements within Developer Center next year.