Thanks for the response. I can surely use PAT for authentication but wanted to support OAuth2.0 as well in my tool
They have mentioned it in their announcement as well and I missed it. The Audit Log API endpoint is accessible to the Enterprise account and is authenticated via Service Account.
Thanks again for the clarification!