diff --git a/frontend/auth.ts b/frontend/auth.ts
index 96356238..43de39ff 100644
--- a/frontend/auth.ts
+++ b/frontend/auth.ts
@@ -42,11 +42,28 @@ export const { handlers, auth, signIn, signOut } = NextAuth({
         token.userId = Number(user.id);
         token.username = user.name ?? '';
         token.role = (user as any).role as string;
+        // eslint-disable-next-line no-console
+        console.log('[NextAuth JWT callback] Token set:', {
+          hasAccessToken: !!token.accessToken,
+          role: token.role,
+          username: token.username,
+        });
       }
       return token;
     },
     session({ session, token }) {
-      session.accessToken = token.accessToken as string;
+      // eslint-disable-next-line no-console
+      console.log('[NextAuth session callback] Token data:', {
+        tokenAccessToken: token.accessToken,
+        tokenRole: token.role,
+        tokenUserId: token.userId,
+      });
+      if (token.accessToken) {
+        session.accessToken = token.accessToken as string;
+      } else {
+        // eslint-disable-next-line no-console
+        console.warn('[NextAuth session callback] WARNING: No accessToken in token!');
+      }
       session.user.id = String(token.userId);
       session.user.name = token.username as string;
       (session.user as any).role = token.role as string;
diff --git a/frontend/lib/auth-headers.ts b/frontend/lib/auth-headers.ts
index 87fb7cf7..e436503b 100644
--- a/frontend/lib/auth-headers.ts
+++ b/frontend/lib/auth-headers.ts
@@ -6,6 +6,19 @@ import { auth } from '../auth';
  */
 export async function getAuthHeaders(): Promise<Record<string, string>> {
   const session = await auth();
-  if (!session?.accessToken) return {};
+  // eslint-disable-next-line no-console
+  console.log('[getAuthHeaders] Session data:', {
+    hasSession: !!session,
+    hasAccessToken: !!session?.accessToken,
+    sessionKeys: session ? Object.keys(session) : [],
+    userRole: (session?.user as any)?.role,
+  });
+  if (!session?.accessToken) {
+    // eslint-disable-next-line no-console
+    console.warn('[getAuthHeaders] No accessToken found! Session:', session);
+    return {};
+  }
+  // eslint-disable-next-line no-console
+  console.log('[getAuthHeaders] Returning Bearer token');
   return { Authorization: `Bearer ${session.accessToken}` };
 }