diff --git a/openshift-kube-apiserver/authorization/minimumkubeletversion/minimum_kubelet_version.go b/openshift-kube-apiserver/authorization/minimumkubeletversion/minimum_kubelet_version.go
index bf1c38d1dc736..9369ccf03ce5c 100644
--- a/openshift-kube-apiserver/authorization/minimumkubeletversion/minimum_kubelet_version.go
+++ b/openshift-kube-apiserver/authorization/minimumkubeletversion/minimum_kubelet_version.go
@@ -13,6 +13,7 @@ import (
 	v1listers "k8s.io/client-go/listers/core/v1"
 	cache "k8s.io/client-go/tools/cache"
 	"k8s.io/component-base/featuregate"
+	"k8s.io/klog/v2"
 	api "k8s.io/kubernetes/pkg/apis/core"
 	"k8s.io/kubernetes/pkg/auth/nodeidentifier"
 )
@@ -53,10 +54,12 @@ func (m *minimumKubeletVersionAuth) Authorize(ctx context.Context, attrs authori
 	nodeName, isNode := m.nodeIdentifier.NodeIdentity(attrs.GetUser())
 	if !isNode {
 		// ignore requests from non-nodes
+		klog.Infof("XXXXXXXX not a node %v", attrs.GetUser())
 		return authorizer.DecisionNoOpinion, "", nil
 	}
 
 	if len(nodeName) == 0 {
+		klog.Infof("XXXXXXXX empty node name %v", attrs.GetUser())
 		return authorizer.DecisionNoOpinion, fmt.Sprintf("unknown node for user %q", attrs.GetUser().GetName()), nil
 	}
 
@@ -67,26 +70,32 @@ func (m *minimumKubeletVersionAuth) Authorize(ctx context.Context, attrs authori
 		switch requestResource {
 		case api.Resource("nodes"):
 			if v := attrs.GetVerb(); v == "get" || v == "update" {
+				klog.Infof("XXXXXXXX node get or update %v", attrs.GetUser())
 				return authorizer.DecisionNoOpinion, "", nil
 			}
 		// TODO(haircommander): do we need other flavors of access reviews here?
 		case api.Resource("subjectaccessreviews"):
+			klog.Infof("XXXXXXXX SAR %v", attrs.GetUser())
 			return authorizer.DecisionNoOpinion, "", nil
 		}
 	}
 
 	if !m.hasNodeInformerSyncedFn() {
+		klog.Infof("XXXXXXXX not synced %v", attrs.GetUser())
 		return authorizer.DecisionNoOpinion, fmt.Sprintf("node informer not synced, cannot check if node %s is new enough", nodeName), nil
 	}
 
 	node, err := m.nodeLister.Get(nodeName)
 	if err != nil {
+		klog.Infof("XXXXXXXX failed to get node %s %v", nodeName, attrs.GetUser())
 		return authorizer.DecisionNoOpinion, fmt.Sprintf("failed to get node %s: %v", nodeName, err), nil
 	}
 
 	if err := nodelib.IsNodeTooOld(node, m.minVersion); err != nil {
+		klog.Infof("XXXXXXXX node too old %s %v", nodeName, attrs.GetUser())
 		return authorizer.DecisionDeny, err.Error(), nil
 	}
 
+	klog.Infof("XXXXXXXX OK %s", attrs.GetUser())
 	return authorizer.DecisionNoOpinion, "", nil
 }