diff --git a/lib/events/api.go b/lib/events/api.go
index fd53f60c56165..bd246b2dbb2cb 100644
--- a/lib/events/api.go
+++ b/lib/events/api.go
@@ -643,6 +643,11 @@ const (
 	// Tokens are spent in exchange for a single on-behalf-of device
 	// authentication attempt.
 	DeviceWebTokenCreateEvent = "device.webtoken.create"
+	// DeviceAuthenticateConfirmEvent is emitted when a device web authentication
+	// attempt is confirmed (via the ConfirmDeviceWebAuthentication RPC).
+	// A confirmed web authentication means the WebSession itself now holds
+	// augmented TLS and SSH certificates.
+	DeviceAuthenticateConfirmEvent = "device.authenticate.confirm"
 
 	// BotJoinEvent is emitted when a bot joins
 	BotJoinEvent = "bot.join"
diff --git a/lib/events/codes.go b/lib/events/codes.go
index d0f9d79fd8ae9..8be9e27432fd8 100644
--- a/lib/events/codes.go
+++ b/lib/events/codes.go
@@ -466,6 +466,8 @@ const (
 	DeviceUpdateCode = "TV007I"
 	// DeviceWebTokenCreateCode is the device web token creation code.
 	DeviceWebTokenCreateCode = "TV008I"
+	// DeviceAuthenticateConfirmCode is the device authentication confirm code.
+	DeviceAuthenticateConfirmCode = "TV009I"
 
 	// LoginRuleCreateCode is the login rule create code.
 	LoginRuleCreateCode = "TLR00I"
diff --git a/lib/events/dynamic.go b/lib/events/dynamic.go
index bca00c00ffa1f..05dcc25e7b453 100644
--- a/lib/events/dynamic.go
+++ b/lib/events/dynamic.go
@@ -251,7 +251,8 @@ func FromEventFields(fields EventFields) (events.AuditEvent, error) {
 		DeviceEnrollEvent,
 		DeviceAuthenticateEvent,
 		DeviceEnrollTokenCreateEvent,
-		DeviceWebTokenCreateEvent:
+		DeviceWebTokenCreateEvent,
+		DeviceAuthenticateConfirmEvent:
 		e = &events.DeviceEvent2{}
 	case LockCreatedEvent:
 		e = &events.LockCreate{}
diff --git a/web/packages/teleport/src/Audit/EventList/EventTypeCell.tsx b/web/packages/teleport/src/Audit/EventList/EventTypeCell.tsx
index 7895cd9dbf71f..332efffedb31c 100644
--- a/web/packages/teleport/src/Audit/EventList/EventTypeCell.tsx
+++ b/web/packages/teleport/src/Audit/EventList/EventTypeCell.tsx
@@ -200,6 +200,7 @@ const EventIconMap: Record<EventCode, any> = {
   [eventCodes.DEVICE_ENROLL_TOKEN_SPENT]: Icons.Info,
   [eventCodes.DEVICE_UPDATE]: Icons.Info,
   [eventCodes.DEVICE_WEB_TOKEN_CREATE]: Icons.Info,
+  [eventCodes.DEVICE_AUTHENTICATE_CONFIRM]: Icons.Info,
   [eventCodes.MFA_DEVICE_ADD]: Icons.Info,
   [eventCodes.MFA_DEVICE_DELETE]: Icons.Info,
   [eventCodes.BILLING_CARD_CREATE]: Icons.CreditCard,
diff --git a/web/packages/teleport/src/Audit/__snapshots__/Audit.story.test.tsx.snap b/web/packages/teleport/src/Audit/__snapshots__/Audit.story.test.tsx.snap
index f9df398c52daa..4a4703479b05f 100644
--- a/web/packages/teleport/src/Audit/__snapshots__/Audit.story.test.tsx.snap
+++ b/web/packages/teleport/src/Audit/__snapshots__/Audit.story.test.tsx.snap
@@ -406,12 +406,12 @@ exports[`list of all events 1`] = `
         </strong>
          - 
         <strong>
-          234
+          237
         </strong>
          of
          
         <strong>
-          234
+          237
         </strong>
       </div>
       <button
@@ -537,6 +537,168 @@ exports[`list of all events 1`] = `
       </tr>
     </thead>
     <tbody>
+      <tr>
+        <td
+          style="vertical-align: inherit;"
+        >
+          <div
+            class="c18"
+          >
+            <span
+              class="c19 icon icon-info"
+            >
+              <svg
+                fill="currentColor"
+                height="20"
+                viewBox="0 0 24 24"
+                width="20"
+              >
+                <path
+                  d="M11.625 8.8125C12.1428 8.8125 12.5625 8.39277 12.5625 7.875C12.5625 7.35723 12.1428 6.9375 11.625 6.9375C11.1072 6.9375 10.6875 7.35723 10.6875 7.875C10.6875 8.39277 11.1072 8.8125 11.625 8.8125Z"
+                />
+                <path
+                  d="M10.5 11.25C10.5 10.8358 10.8358 10.5 11.25 10.5C11.6478 10.5 12.0294 10.658 12.3107 10.9393C12.592 11.2206 12.75 11.6022 12.75 12V15.75C13.1642 15.75 13.5 16.0858 13.5 16.5C13.5 16.9142 13.1642 17.25 12.75 17.25C12.3522 17.25 11.9706 17.092 11.6893 16.8107C11.408 16.5294 11.25 16.1478 11.25 15.75V12C10.8358 12 10.5 11.6642 10.5 11.25Z"
+                />
+                <path
+                  clip-rule="evenodd"
+                  d="M12 2.25C6.61522 2.25 2.25 6.61522 2.25 12C2.25 17.3848 6.61522 21.75 12 21.75C17.3848 21.75 21.75 17.3848 21.75 12C21.75 6.61522 17.3848 2.25 12 2.25ZM3.75 12C3.75 7.44365 7.44365 3.75 12 3.75C16.5563 3.75 20.25 7.44365 20.25 12C20.25 16.5563 16.5563 20.25 12 20.25C7.44365 20.25 3.75 16.5563 3.75 12Z"
+                  fill-rule="evenodd"
+                />
+              </svg>
+            </span>
+            Device Web Authentication Confirmed
+          </div>
+        </td>
+        <td
+          style="word-break: break-word;"
+        >
+          User [llama] has confirmed device web authentication
+        </td>
+        <td
+          style="min-width: 120px;"
+        >
+          2024-04-08T19:36:48.1Z
+        </td>
+        <td
+          align="right"
+        >
+          <button
+            class="c20"
+            kind="border"
+            width="87px"
+          >
+            Details
+          </button>
+        </td>
+      </tr>
+      <tr>
+        <td
+          style="vertical-align: inherit;"
+        >
+          <div
+            class="c18"
+          >
+            <span
+              class="c19 icon icon-info"
+            >
+              <svg
+                fill="currentColor"
+                height="20"
+                viewBox="0 0 24 24"
+                width="20"
+              >
+                <path
+                  d="M11.625 8.8125C12.1428 8.8125 12.5625 8.39277 12.5625 7.875C12.5625 7.35723 12.1428 6.9375 11.625 6.9375C11.1072 6.9375 10.6875 7.35723 10.6875 7.875C10.6875 8.39277 11.1072 8.8125 11.625 8.8125Z"
+                />
+                <path
+                  d="M10.5 11.25C10.5 10.8358 10.8358 10.5 11.25 10.5C11.6478 10.5 12.0294 10.658 12.3107 10.9393C12.592 11.2206 12.75 11.6022 12.75 12V15.75C13.1642 15.75 13.5 16.0858 13.5 16.5C13.5 16.9142 13.1642 17.25 12.75 17.25C12.3522 17.25 11.9706 17.092 11.6893 16.8107C11.408 16.5294 11.25 16.1478 11.25 15.75V12C10.8358 12 10.5 11.6642 10.5 11.25Z"
+                />
+                <path
+                  clip-rule="evenodd"
+                  d="M12 2.25C6.61522 2.25 2.25 6.61522 2.25 12C2.25 17.3848 6.61522 21.75 12 21.75C17.3848 21.75 21.75 17.3848 21.75 12C21.75 6.61522 17.3848 2.25 12 2.25ZM3.75 12C3.75 7.44365 7.44365 3.75 12 3.75C16.5563 3.75 20.25 7.44365 20.25 12C20.25 16.5563 16.5563 20.25 12 20.25C7.44365 20.25 3.75 16.5563 3.75 12Z"
+                  fill-rule="evenodd"
+                />
+              </svg>
+            </span>
+            Device Web Authentication Confirmed
+          </div>
+        </td>
+        <td
+          style="word-break: break-word;"
+        >
+          User [llama] has failed to confirm device web authentication
+        </td>
+        <td
+          style="min-width: 120px;"
+        >
+          2024-04-08T19:35:48.1Z
+        </td>
+        <td
+          align="right"
+        >
+          <button
+            class="c20"
+            kind="border"
+            width="87px"
+          >
+            Details
+          </button>
+        </td>
+      </tr>
+      <tr>
+        <td
+          style="vertical-align: inherit;"
+        >
+          <div
+            class="c18"
+          >
+            <span
+              class="c19 icon icon-info"
+            >
+              <svg
+                fill="currentColor"
+                height="20"
+                viewBox="0 0 24 24"
+                width="20"
+              >
+                <path
+                  d="M11.625 8.8125C12.1428 8.8125 12.5625 8.39277 12.5625 7.875C12.5625 7.35723 12.1428 6.9375 11.625 6.9375C11.1072 6.9375 10.6875 7.35723 10.6875 7.875C10.6875 8.39277 11.1072 8.8125 11.625 8.8125Z"
+                />
+                <path
+                  d="M10.5 11.25C10.5 10.8358 10.8358 10.5 11.25 10.5C11.6478 10.5 12.0294 10.658 12.3107 10.9393C12.592 11.2206 12.75 11.6022 12.75 12V15.75C13.1642 15.75 13.5 16.0858 13.5 16.5C13.5 16.9142 13.1642 17.25 12.75 17.25C12.3522 17.25 11.9706 17.092 11.6893 16.8107C11.408 16.5294 11.25 16.1478 11.25 15.75V12C10.8358 12 10.5 11.6642 10.5 11.25Z"
+                />
+                <path
+                  clip-rule="evenodd"
+                  d="M12 2.25C6.61522 2.25 2.25 6.61522 2.25 12C2.25 17.3848 6.61522 21.75 12 21.75C17.3848 21.75 21.75 17.3848 21.75 12C21.75 6.61522 17.3848 2.25 12 2.25ZM3.75 12C3.75 7.44365 7.44365 3.75 12 3.75C16.5563 3.75 20.25 7.44365 20.25 12C20.25 16.5563 16.5563 20.25 12 20.25C7.44365 20.25 3.75 16.5563 3.75 12Z"
+                  fill-rule="evenodd"
+                />
+              </svg>
+            </span>
+            Device Authenticated
+          </div>
+        </td>
+        <td
+          style="word-break: break-word;"
+        >
+          User [llama] has successfully authenticated their device
+        </td>
+        <td
+          style="min-width: 120px;"
+        >
+          2024-04-08T19:34:48.1Z
+        </td>
+        <td
+          align="right"
+        >
+          <button
+            class="c20"
+            kind="border"
+            width="87px"
+          >
+            Details
+          </button>
+        </td>
+      </tr>
       <tr>
         <td
           style="vertical-align: inherit;"
diff --git a/web/packages/teleport/src/Audit/fixtures/index.ts b/web/packages/teleport/src/Audit/fixtures/index.ts
index c051933bb930c..d2d633652ac84 100644
--- a/web/packages/teleport/src/Audit/fixtures/index.ts
+++ b/web/packages/teleport/src/Audit/fixtures/index.ts
@@ -3005,6 +3005,53 @@ export const events = [
     user: 'llama',
     user_kind: 1,
   },
+  {
+    cluster_name: 'im-a-cluster-name',
+    code: 'TV006I',
+    device: {
+      device_id: 'f84f6b35-6226-4e73-8205-3bcbd7d12970',
+      web_authentication: true,
+      web_session_id: 'my-session-id-12345',
+    },
+    ei: 0,
+    event: 'device.authenticate',
+    success: true,
+    time: '2024-04-08T19:34:48.1Z',
+    uid: 'fa279611-91d8-47b5-9fad-b8ea3e5286e0',
+    user: 'llama',
+  },
+  {
+    cluster_name: 'im-a-cluster-name',
+    code: 'TV009I',
+    device: {
+      device_id: 'f84f6b35-6226-4e73-8205-3bcbd7d12970',
+      web_authentication: true,
+      web_session_id: 'my-session-id-12345',
+    },
+    ei: 0,
+    event: 'device.authenticate.confirm',
+    success: false,
+    time: '2024-04-08T19:35:48.1Z',
+    uid: 'b1361d51-70fa-4f1b-803c-a252c2877707',
+    user: 'llama',
+    user_kind: 1,
+  },
+  {
+    cluster_name: 'im-a-cluster-name',
+    code: 'TV009I',
+    device: {
+      device_id: 'f84f6b35-6226-4e73-8205-3bcbd7d12970',
+      web_authentication: true,
+      web_session_id: 'my-session-id-12345',
+    },
+    ei: 0,
+    event: 'device.authenticate.confirm',
+    success: true,
+    time: '2024-04-08T19:36:48.1Z',
+    uid: 'b1361d51-70fa-4f1b-803c-a252c2877707',
+    user: 'llama',
+    user_kind: 1,
+  },
   {
     cluster_name: 'im-a-cluster-name',
     code: 'TLR00I',
diff --git a/web/packages/teleport/src/services/audit/makeEvent.ts b/web/packages/teleport/src/services/audit/makeEvent.ts
index 856f4a87d35fb..a3ca1e3784827 100644
--- a/web/packages/teleport/src/services/audit/makeEvent.ts
+++ b/web/packages/teleport/src/services/audit/makeEvent.ts
@@ -1403,6 +1403,14 @@ export const formatters: Formatters = {
         ? `User [${user}] has issued a device web token`
         : `User [${user}] has failed to issue a device web token`,
   },
+  [eventCodes.DEVICE_AUTHENTICATE_CONFIRM]: {
+    type: 'device.authenticate.confirm',
+    desc: 'Device Web Authentication Confirmed',
+    format: ({ user, status, success }) =>
+      success || (status && status.success)
+        ? `User [${user}] has confirmed device web authentication`
+        : `User [${user}] has failed to confirm device web authentication`,
+  },
   [eventCodes.X11_FORWARD]: {
     type: 'x11-forward',
     desc: 'X11 Forwarding Requested',
diff --git a/web/packages/teleport/src/services/audit/types.ts b/web/packages/teleport/src/services/audit/types.ts
index b7acfcaa780db..15ec80def7e90 100644
--- a/web/packages/teleport/src/services/audit/types.ts
+++ b/web/packages/teleport/src/services/audit/types.ts
@@ -125,6 +125,7 @@ export const eventCodes = {
   DEVICE_AUTHENTICATE: 'TV006I',
   DEVICE_UPDATE: 'TV007I',
   DEVICE_WEB_TOKEN_CREATE: 'TV008I',
+  DEVICE_AUTHENTICATE_CONFIRM: 'TV009I',
   EXEC_FAILURE: 'T3002E',
   EXEC: 'T3002I',
   GITHUB_CONNECTOR_CREATED: 'T8000I',
@@ -1248,6 +1249,9 @@ export type RawEvents = {
   [eventCodes.DEVICE_WEB_TOKEN_CREATE]: RawDeviceEvent<
     typeof eventCodes.DEVICE_WEB_TOKEN_CREATE
   >;
+  [eventCodes.DEVICE_AUTHENTICATE_CONFIRM]: RawDeviceEvent<
+    typeof eventCodes.DEVICE_AUTHENTICATE_CONFIRM
+  >;
   [eventCodes.UNKNOWN]: RawEvent<
     typeof eventCodes.UNKNOWN,
     {