diff --git a/pallas/_fastagent_patch.py b/pallas/_fastagent_patch.py
index ea26ea5..bd69609 100644
--- a/pallas/_fastagent_patch.py
+++ b/pallas/_fastagent_patch.py
@@ -32,25 +32,44 @@ _original_prepare = _mcm._prepare_headers_and_auth
 def _prepare_headers_and_auth_with_forward(server_config, **kwargs):
     headers, oauth_auth, user_auth_keys = _original_prepare(server_config, **kwargs)
 
-    if not getattr(server_config, "forward_inbound_auth", False):
+    server_name = getattr(server_config, "name", None)
+    forward_flag = getattr(server_config, "forward_inbound_auth", False)
+
+    if not forward_flag:
         return headers, oauth_auth, user_auth_keys
 
     if user_auth_keys:
+        logger.info(
+            "fastagent_forward_skipped_user_auth",
+            extra={"server": server_name},
+        )
         return headers, oauth_auth, user_auth_keys
 
     if oauth_auth is not None:
+        logger.info(
+            "fastagent_forward_skipped_oauth",
+            extra={"server": server_name},
+        )
         return headers, oauth_auth, user_auth_keys
 
     inbound = request_bearer_token.get()
     if not inbound:
+        logger.info(
+            "fastagent_forward_no_inbound",
+            extra={"server": server_name},
+        )
         return headers, oauth_auth, user_auth_keys
 
     headers = dict(headers)
     headers["Authorization"] = f"Bearer {inbound}"
     user_auth_keys = set(user_auth_keys) | {"Authorization"}
-    logger.debug(
+    logger.info(
         "fastagent_forward_inbound_auth",
-        extra={"server": getattr(server_config, "name", None)},
+        extra={
+            "server": server_name,
+            "token_len": len(inbound),
+            "token_prefix": inbound[:8],
+        },
     )
     return headers, oauth_auth, user_auth_keys
 
diff --git a/pallas/multimodal_server.py b/pallas/multimodal_server.py
index 0707e4f..dd0d6f8 100644
--- a/pallas/multimodal_server.py
+++ b/pallas/multimodal_server.py
@@ -52,9 +52,18 @@ def _get_request_bearer_token() -> str | None:
         request = get_http_request()
         auth = request.headers.get("authorization", "")
         if auth.lower().startswith("bearer "):
-            return auth[7:]
-    except Exception:
-        pass
+            token = auth[7:]
+            logger.info(
+                "pallas_inbound_bearer_captured",
+                data={"token_len": len(token), "token_prefix": token[:8]},
+            )
+            return token
+        logger.info(
+            "pallas_inbound_bearer_absent",
+            data={"has_auth_header": bool(auth)},
+        )
+    except Exception as exc:
+        logger.warning("pallas_inbound_bearer_error", data={"error": str(exc)})
     return None