diff --git a/handlers/authorize.go b/handlers/authorize.go
index 008ca66..b06fa4c 100644
--- a/handlers/authorize.go
+++ b/handlers/authorize.go
@@ -35,6 +35,7 @@ func AuthorizeHandler(w http.ResponseWriter, r *http.Request) {
 // Get claims from JWT middleware
 claims, ok := middleware.GetClaims(r)
 if !ok {
+ log.Printf("ERROR: Missing JWT claims in request context (method=%s, path=%s)", r.Method, r.URL.Path)
 helper.RespondWithError(w, http.StatusUnauthorized, "Unauthorized")
 return
 }
@@ -46,6 +47,7 @@ func AuthorizeHandler(w http.ResponseWriter, r *http.Request) {
 // Read and log raw request body
 bodyBytes, err := io.ReadAll(r.Body)
 if err != nil {
+ log.Printf("ERROR: Failed to read authorization request body: %v", err)
 helper.RespondWithError(w, http.StatusBadRequest, "Invalid request body")
 return
 }
@@ -85,6 +87,9 @@ func AuthorizeHandler(w http.ResponseWriter, r *http.Request) {
 }
 claimRoles := collectClaimRoles(claims)
+ if len(claimRoles) == 0 {
+ log.Printf("ERROR: No roles found in JWT claims for user=%s", claims.UsersID)
+ }
 requestedRoles := collectRequestedRoles(&ctx)
 if len(requestedRoles) == 0 {
 requestedRoles = claimRoles
@@ -92,6 +97,7 @@ func AuthorizeHandler(w http.ResponseWriter, r *http.Request) {
 validRoles := intersectRoles(requestedRoles, claimRoles)
 if len(validRoles) == 0 {
+ log.Printf("ERROR: Role mismatch for user=%s - requestedRoles=%v, claimRoles=%v", ctx.UsersID, requestedRoles, claimRoles)
 helper.RespondWithError(w, http.StatusForbidden, "Role ID mismatch")
 return
 }
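Review bot: In the `@@ -35,6 +35,7 @@` hunk the added log line writes `r.URL.Path` with `%s`, and that value is percent-decoded request data, so a path containing CR/LF would break the entry across lines and make the log unreliable as an audit record. Quoting the request-derived fields keeps each event on one line: `log.Printf("ERROR: Missing JWT claims in request context (method=%q, path=%q)", r.Method, r.URL.Path)`. If this branch can be reached by a request without a valid token (the middleware is not visible here), ERROR severity on every such request also lets callers generate alert noise, so a lower level or rate limiting may fit better. AuthorizeHandler begins and ends outside the hunk.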
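Review bot: In the `@@ -46,6 +47,7 @@` hunk, `io.ReadAll(r.Body)` reads the body with no size cap visible, so the new error log only fires after memory has already been spent on an oversized request. Unless a limit is applied upstream of this handler, cap the body before reading, e.g. `r.Body = http.MaxBytesReader(w, r.Body, maxAuthorizeBodyBytes)`, where `maxAuthorizeBodyBytes` is a placeholder for a limit you define. The context comment says the raw body is also logged; that code is outside the hunk, so confirm it does not write tokens or other secrets to the log.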
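Review bot: In the `@@ -85,6 +87,9 @@` hunk the new `if len(claimRoles) == 0` branch only logs and then falls through, so a token with no roles is denied only if `intersectRoles` later returns an empty result, and it then emits a second ERROR line from the role-mismatch branch. Make the deny explicit by adding `helper.RespondWithError(w, http.StatusForbidden, "Role ID mismatch")` and `return` inside the branch. `claims.UsersID` is printed with `%s`; `%q` would keep a malformed claim value on a single log line. The fall-through behaviour is inferred from the lines visible here and in the next hunk, since the rest of AuthorizeHandler is outside the hunk.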
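Review bot: In the `@@ -92,6 +97,7 @@` hunk the denial is attributed to `ctx.UsersID`, while the previous hunk logs `claims.UsersID`; `ctx` appears to be populated from the request body (its definition is outside the hunk), so the audit line may record an identity chosen by the caller rather than the authenticated one. Log the identity from the verified token instead: `log.Printf("ERROR: Role mismatch for user=%q - requestedRoles=%v, claimRoles=%v", claims.UsersID, requestedRoles, claimRoles)`. If the body-supplied ID is useful for diagnosis, log it as a separate, clearly named field. `requestedRoles` is also request-derived, so if role values are strings, `%q` is the safer verb for that field as well.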