diff --git a/duty_teller/api/dependencies.py b/duty_teller/api/dependencies.py
index f5643eb..7b363d1 100644
--- a/duty_teller/api/dependencies.py
+++ b/duty_teller/api/dependencies.py
@@ -123,14 +123,18 @@ def get_authenticated_username(
         )
     if username and config.can_access_miniapp(username):
         return username
+    failed_phone: str | None = None
     if telegram_user_id is not None:
         user = get_user_by_telegram_id(session, telegram_user_id)
         if user and user.phone and config.can_access_miniapp_by_phone(user.phone):
             return username or (user.full_name or "") or f"id:{telegram_user_id}"
+        if user and user.phone:
+            failed_phone = config.normalize_phone(user.phone)
     log.warning(
-        "username/phone not in allowlist (username=%s, telegram_id=%s)",
+        "username/phone not in allowlist (username=%s, telegram_id=%s, phone=%s)",
         username,
         telegram_user_id,
+        failed_phone if failed_phone else "—",
     )
     raise HTTPException(status_code=403, detail=t(lang, "api.access_denied"))