diff --git a/backend/src/auth/jwt/JWT.ts b/backend/src/auth/jwt/JWT.ts
index c3d7b1d26..5bf0166a4 100644
--- a/backend/src/auth/jwt/JWT.ts
+++ b/backend/src/auth/jwt/JWT.ts
@@ -7,9 +7,11 @@ import { JwtPayloadType } from './payloadtypes/JwtPayloadType'
 
 export const decode = async (token: string, signkey: Buffer): Promise<JwtPayloadType | null> => {
   if (!token) throw new LogError('401 Unauthorized')
+  logger.debug('JWT.decode... token, signkey=', token, signkey)
 
   try {
     const secret = new TextEncoder().encode(signkey.toString())
+    logger.debug('JWT.decode... secret=', secret)
     const { payload } = await jwtVerify(token, secret, {
       issuer: 'urn:gradido:issuer',
       audience: 'urn:gradido:audience',
@@ -17,6 +19,7 @@ export const decode = async (token: string, signkey: Buffer): Promise<JwtPayload
     logger.debug('JWT.decode after jwtVerify... payload=', payload)
     return payload as unknown as JwtPayloadType
   } catch (err) {
+    logger.error('JWT.decode after jwtVerify... error=', err)
     return null
   }
 }