diff --git a/api/src/plugins/cookie-update.ts b/api/src/plugins/cookie-update.ts
index 83e4965cb77..4fd2fcd870b 100644
--- a/api/src/plugins/cookie-update.ts
+++ b/api/src/plugins/cookie-update.ts
@@ -33,7 +33,7 @@ export const cookieUpdate: FastifyPluginCallback<Options> = (
       void reply.setCookie(cookie, raw, options.attributes);
     }
 
-    logger.debug('Updated cookies for user.');
+    logger.trace(`Updated cookies for user ${request.user?.id}.`);
 
     next();
   });
diff --git a/api/src/plugins/cookies.ts b/api/src/plugins/cookies.ts
index cc8da4eee9c..9188828119c 100644
--- a/api/src/plugins/cookies.ts
+++ b/api/src/plugins/cookies.ts
@@ -73,7 +73,7 @@ const cookies: FastifyPluginCallback = (fastify, _options, done) => {
     void this.clearCookie(CSRF_SECRET_COOKIE);
     void this.clearCookie(CSRF_COOKIE);
 
-    logger.debug('Clearing cookies for user.');
+    logger.trace('Clearing cookies for user.');
   });
 
   done();
diff --git a/api/src/plugins/csrf.ts b/api/src/plugins/csrf.ts
index 3ec8ba2c6b3..39407cf824e 100644
--- a/api/src/plugins/csrf.ts
+++ b/api/src/plugins/csrf.ts
@@ -23,7 +23,7 @@ const csrf: FastifyPluginCallback = (fastify, _options, done) => {
     // tokens since we know we can provide this one
     getToken: req => req.headers[CSRF_HEADER] as string,
     cookieOpts: { signed: false, sameSite: 'strict' },
-    logLevel: 'debug'
+    logLevel: 'debug' // TODO: change to trace
   });
 
   // All routes except signout should add a CSRF token to the response
@@ -32,7 +32,7 @@ const csrf: FastifyPluginCallback = (fastify, _options, done) => {
     const isSignout = req.url === '/signout' || req.url === '/signout/';
 
     if (!isSignout) {
-      logger.debug('Adding CSRF token to response');
+      logger.trace('Adding CSRF token to response');
       const token = reply.generateCsrf();
       void reply.setCookie(CSRF_COOKIE, token, {
         sameSite: 'strict',