Azure · g2vinay · Feb 11, 2026 · Feb 10, 2026
@@ -9,6 +9,7 @@
 
 ### Bugs Fixed
 - Fixed `NullPointerException` in `IdentityClientOptions` when running in GraalVM native images (e.g., Quarkus applications). Replaced reflection-dependent `AzureIdentityEnvVars` enum usage with direct string literal to ensure compatibility with native compilation.
+- Fixed logging for token authentication errors to include full stack traces with inner exceptions. Previously, error logs referenced "inner exceptions" but only logged the error message, making debugging difficult.
 
 ### Other Changes
 - Removed unused jetty, redisson, and lettuce-core dependencies.

@@ -37,8 +37,10 @@ public static void logTokenSuccess(ClientLogger logger, TokenRequestContext cont
      */
     public static void logTokenError(ClientLogger logger, IdentityClientOptions options, TokenRequestContext context,
         Throwable error) {
-        logError(logger, options, () -> String.format("Azure Identity => ERROR in getToken() call for scopes [%s]: %s",
-            CoreUtils.stringJoin(", ", context.getScopes()), error == null ? "" : error.getMessage()));
+        logger.log(options.getIdentityLogOptionsImpl().getRuntimeExceptionLogLevel(),
+            () -> String.format("Azure Identity => ERROR in getToken() call for scopes [%s]: %s",
+                CoreUtils.stringJoin(", ", context.getScopes()), error == null ? "" : error.getMessage()),
+            error);
     }
 
     /**

@@ -0,0 +1,59 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+package com.azure.identity.implementation.util;
+
+import com.azure.core.credential.TokenRequestContext;
+import com.azure.core.exception.ClientAuthenticationException;
+import com.azure.core.util.Configuration;
+import com.azure.core.util.logging.ClientLogger;
+import com.azure.identity.implementation.IdentityClientOptions;
+import org.junit.jupiter.api.Test;
+
+import static org.junit.jupiter.api.Assertions.assertDoesNotThrow;
+
+public class LoggingUtilTest {
+
+    private static final ClientLogger LOGGER = new ClientLogger(LoggingUtilTest.class);
+
+    @Test
+    public void testLogTokenErrorWithInnerException() {
+        // Create a nested exception to simulate the "see inner exception" scenario
+        Exception innerException = new RuntimeException("Inner exception details");
+        ClientAuthenticationException outerException = new ClientAuthenticationException(
+            "Managed Identity authentication failed, see inner exception for more information.", null, innerException);
+
+        // Create a token request context
+        TokenRequestContext context = new TokenRequestContext().addScopes("https://management.azure.com/.default");
+
+        // Create identity client options
+        IdentityClientOptions options = new IdentityClientOptions();
+
+        // Verify that calling logTokenError doesn't throw an exception
+        // and that it properly handles the nested exception
+        assertDoesNotThrow(() -> LoggingUtil.logTokenError(LOGGER, options, context, outerException));
+    }
+
+    @Test
+    public void testLogTokenErrorWithNullException() {
+        // Test that the method handles null exceptions gracefully
+        TokenRequestContext context = new TokenRequestContext().addScopes("https://management.azure.com/.default");
+        IdentityClientOptions options = new IdentityClientOptions();
+
+        assertDoesNotThrow(() -> LoggingUtil.logTokenError(LOGGER, options, context, null));
+    }
+
+    @Test
+    public void testLogTokenSuccess() {
+        TokenRequestContext context = new TokenRequestContext().addScopes("https://management.azure.com/.default");
+
+        assertDoesNotThrow(() -> LoggingUtil.logTokenSuccess(LOGGER, context));
+    }
+
+    @Test
+    public void testLogAvailableEnvironmentVariables() {
+        Configuration configuration = Configuration.getGlobalConfiguration();
+
+        assertDoesNotThrow(() -> LoggingUtil.logAvailableEnvironmentVariables(LOGGER, configuration));
+    }
+}