diff --git a/server/core/utils.py b/server/core/utils.py
index 7e678ecc..c47b3597 100644
--- a/server/core/utils.py
+++ b/server/core/utils.py
@@ -3,8 +3,10 @@ import re
 from django.utils import timezone
 
 from api.utils import get_object
+from core.logger import get_logger
 from users.models import SchoolClass
 
+logger = get_logger(__name__)
 
 def set_hidden_for(block, visibility_list):
     for v in visibility_list:
@@ -29,22 +31,27 @@ def is_private_api_call_allowed(user, body):
     # logged in users without valid license have only access to logout, me & coupon mutations
 
     if user.is_anonymous:
+        logger.debug('User is anonymous')
         return False
 
     if user.is_superuser:
+        logger.debug('User is superuser')
         return True
 
     body_unicode = body.decode('utf-8')
 
     if is_endpoint_allowed(body_unicode):
+        logger.debug('Endpoint allowed')
         return True
 
     license_expiry = user.license_expiry_date
 
     # all other resources are denied if the license is not valid
     if license_expiry is None:
+        logger.debug('license expiry is None')
         return False
 
+    logger.debug('private api call is allowed')
     return True