diff --git a/backend/sync_server/src/server/auth.rs b/backend/sync_server/src/server/auth.rs
index 06bfe5db..7a7d2197 100644
--- a/backend/sync_server/src/server/auth.rs
+++ b/backend/sync_server/src/server/auth.rs
@@ -1,3 +1,5 @@
+use log::info;
+
 use crate::{
     app_state::{AppState, database::models::VaultId},
     config::user_config::{AllowListedVaults, User, VaultAccess},
@@ -13,10 +15,16 @@ pub fn auth(app_state: &AppState, token: &str, vault: &VaultId) -> Result<User,
         .cloned()
         .ok_or_else(|| unauthenticated_error(anyhow::anyhow!("Invalid token")))?;
 
+    info!("User `{}` authenticated", user.name);
+
     if match user.vault_access {
         VaultAccess::AllowAccessToAll => true,
         VaultAccess::AllowList(AllowListedVaults { ref allowed }) => allowed.contains(vault),
     } {
+        info!(
+            "User `{}` is authorised to access to vault `{}`",
+            user.name, vault
+        );
         Ok(user)
     } else {
         Err(permission_denied_error(anyhow::anyhow!(
diff --git a/frontend/sync-client/src/sync-operations/syncer.ts b/frontend/sync-client/src/sync-operations/syncer.ts
index 7bad88e4..8ec83694 100644
--- a/frontend/sync-client/src/sync-operations/syncer.ts
+++ b/frontend/sync-client/src/sync-operations/syncer.ts
@@ -266,6 +266,8 @@ export class Syncer {
 		wsUri.protocol = wsUri.protocol === "https" ? "wss" : "ws";
 		wsUri.pathname = `/vaults/${settings.vaultName}/ws`;
 
+		this.logger.info(`Connecting to WebSocket at ${wsUri.toString()}`);
+
 		if (
 			typeof globalThis !== "undefined" &&
 			typeof globalThis.WebSocket === "undefined"
@@ -288,6 +290,7 @@ export class Syncer {
 
 		// The JS WebSocket API doesn't support setting headers, so we have to send the token as a message
 		this.applyRemoteChangesWebSocket.onopen = (): void => {
+			this.logger.info("WebSocket connection opened");
 			this.applyRemoteChangesWebSocket?.send(settings.token);
 			this.webSocketStatusChangeListeners.forEach((listener) => {
 				listener();