Change typespec_client_core::http::policies::logging Request and Response log level to debug

[jlaundry]

When using azure_identity, applications see Request and Response INFO log events as access tokens are refreshed, sometimes hourly(ish):

2026-01-30T23:14:25.004300Z  INFO  typespec_client_core::http::policies::logging: ==> Request: url: https://login.microsoftonline.com/00000000-0000-0000-0000-000000000000/oauth2/v2.0/token, method: POST, headers: { x-ms-client-request-id: 00000000-0000-0000-0000-000000000000 content-type: application/x-www-form-urlencoded user-agent: azsdk-rust-identity/0.30.0 (1.92.0; linux; x86_64)  }
2026-01-30T23:14:25.257778Z  INFO  typespec_client_core::http::policies::logging: <== Response: { url: https://login.microsoftonline.com/00000000-0000-0000-0000-000000000000/oauth2/v2.0/token, status: 200, headers: { date: Fri, 30 Jan 2026 23:14:25 GMT x-ms-srs: REDACTED content-type: application/json; charset=utf-8 x-content-type-options: REDACTED expires: -1 x-ms-ests-server: REDACTED strict-transport-security: REDACTED p3p: REDACTED x-xss-protection: REDACTED content-length: 1712 cache-control: no-store, no-cache set-cookie: REDACTED pragma: no-cache x-ms-request-id: 00000000-0000-0000-0000-000000000000 content-security-policy-report-only: REDACTED  } }
2026-01-31T00:09:29.955171Z  INFO  typespec_client_core::http::policies::logging: ==> Request: url: https://login.microsoftonline.com/00000000-0000-0000-0000-000000000000/oauth2/v2.0/token, method: POST, headers: { user-agent: azsdk-rust-identity/0.30.0 (1.92.0; linux; x86_64) content-type: application/x-www-form-urlencoded x-ms-client-request-id: 00000000-0000-0000-0000-000000000000  }
2026-01-31T00:09:30.196806Z  INFO  typespec_client_core::http::policies::logging: <== Response: { url: https://login.microsoftonline.com/00000000-0000-0000-0000-000000000000/oauth2/v2.0/token, status: 200, headers: { x-ms-request-id: 00000000-0000-0000-0000-000000000000 x-ms-ests-server: REDACTED x-ms-srs: REDACTED date: Sat, 31 Jan 2026 00:09:29 GMT content-type: application/json; charset=utf-8 expires: -1 content-security-policy-report-only: REDACTED set-cookie: REDACTED x-xss-protection: REDACTED pragma: no-cache content-length: 1717 p3p: REDACTED cache-control: no-store, no-cache x-content-type-options: REDACTED strict-transport-security: REDACTED  } }
2026-01-31T01:04:29.990787Z  INFO  typespec_client_core::http::policies::logging: ==> Request: url: https://login.microsoftonline.com/00000000-0000-0000-0000-000000000000/oauth2/v2.0/token, method: POST, headers: { user-agent: azsdk-rust-identity/0.30.0 (1.92.0; linux; x86_64) content-type: application/x-www-form-urlencoded x-ms-client-request-id: 00000000-0000-0000-0000-000000000000  }
2026-01-31T01:04:30.252971Z  INFO  typespec_client_core::http::policies::logging: <== Response: { url: https://login.microsoftonline.com/00000000-0000-0000-0000-000000000000/oauth2/v2.0/token, status: 200, headers: { x-ms-ests-server: REDACTED content-type: application/json; charset=utf-8 p3p: REDACTED pragma: no-cache x-content-type-options: REDACTED x-ms-srs: REDACTED expires: -1 date: Sat, 31 Jan 2026 01:04:30 GMT strict-transport-security: REDACTED x-xss-protection: REDACTED set-cookie: REDACTED content-security-policy-report-only: REDACTED x-ms-request-id: 00000000-0000-0000-0000-000000000000 content-length: 1727 cache-control: no-store, no-cache  } }
2026-01-31T01:59:29.956611Z  INFO  typespec_client_core::http::policies::logging: ==> Request: url: https://login.microsoftonline.com/00000000-0000-0000-0000-000000000000/oauth2/v2.0/token, method: POST, headers: { x-ms-client-request-id: 00000000-0000-0000-0000-000000000000 content-type: application/x-www-form-urlencoded user-agent: azsdk-rust-identity/0.30.0 (1.92.0; linux; x86_64)  }
2026-01-31T01:59:30.259192Z  INFO  typespec_client_core::http::policies::logging: <== Response: { url: https://login.microsoftonline.com/00000000-0000-0000-0000-000000000000/oauth2/v2.0/token, status: 200, headers: { cache-control: no-store, no-cache x-ms-request-id: 00000000-0000-0000-0000-000000000000 content-type: application/json; charset=utf-8 content-security-policy-report-only: REDACTED expires: -1 date: Sat, 31 Jan 2026 01:59:29 GMT pragma: no-cache x-content-type-options: REDACTED strict-transport-security: REDACTED x-xss-protection: REDACTED x-ms-srs: REDACTED set-cookie: REDACTED x-ms-ests-server: REDACTED content-length: 1717 p3p: REDACTED  } }
2026-01-31T02:54:30.952123Z  INFO  typespec_client_core::http::policies::logging: ==> Request: url: https://login.microsoftonline.com/00000000-0000-0000-0000-000000000000/oauth2/v2.0/token, method: POST, headers: { content-type: application/x-www-form-urlencoded x-ms-client-request-id: 00000000-0000-0000-0000-000000000000 user-agent: azsdk-rust-identity/0.30.0 (1.92.0; linux; x86_64)  }
2026-01-31T02:54:31.198919Z  INFO  typespec_client_core::http::policies::logging: <== Response: { url: https://login.microsoftonline.com/00000000-0000-0000-0000-000000000000/oauth2/v2.0/token, status: 200, headers: { set-cookie: REDACTED x-ms-request-id: 00000000-0000-0000-0000-000000000000 strict-transport-security: REDACTED content-type: application/json; charset=utf-8 pragma: no-cache x-ms-ests-server: REDACTED x-ms-srs: REDACTED x-xss-protection: REDACTED content-length: 1717 expires: -1 cache-control: no-store, no-cache date: Sat, 31 Jan 2026 02:54:30 GMT x-content-type-options: REDACTED p3p: REDACTED content-security-policy-report-only: REDACTED  } }
2026-01-31T03:49:30.952551Z  INFO  typespec_client_core::http::policies::logging: ==> Request: url: https://login.microsoftonline.com/00000000-0000-0000-0000-000000000000/oauth2/v2.0/token, method: POST, headers: { user-agent: azsdk-rust-identity/0.30.0 (1.92.0; linux; x86_64) content-type: application/x-www-form-urlencoded x-ms-client-request-id: 00000000-0000-0000-0000-000000000000  }
2026-01-31T03:49:31.215154Z  INFO  typespec_client_core::http::policies::logging: <== Response: { url: https://login.microsoftonline.com/00000000-0000-0000-0000-000000000000/oauth2/v2.0/token, status: 200, headers: { x-ms-ests-server: REDACTED x-ms-request-id: 00000000-0000-0000-0000-000000000000 content-length: 1727 x-ms-srs: REDACTED cache-control: no-store, no-cache x-xss-protection: REDACTED x-content-type-options: REDACTED content-security-policy-report-only: REDACTED pragma: no-cache content-type: application/json; charset=utf-8 set-cookie: REDACTED date: Sat, 31 Jan 2026 03:49:31 GMT strict-transport-security: REDACTED expires: -1 p3p: REDACTED  } }

Since azure_identity doesn't do much logging, these appear out of the blue; and apart from failures, these aren't very useful.

This PR downgrades these logs to debug, consistent with the Python SDK.

I did consider a more complete PR, and the Failed response case: and either holding off logging the Request (not ideal), or re-log the Request as info... but for every use-case I can think of, the only useful info is the Timestamp and X-MS-Request-ID headers for raising a support case, both which are both in the Response anyway.

[github-actions]

Thank you for your contribution @jlaundry! We will review the pull request and get back to you soon.

[LarryOsterman]

When using azure_identity, applications see Request and Response INFO log events as access tokens are refreshed, sometimes hourly(ish):

Since azure_identity doesn't do much logging, these appear out of the blue; and apart from failures, these aren't very useful.

This PR downgrades these logs to debug, consistent with the Python SDK.

I did consider a more complete PR, and the Failed response case: and either holding off logging the Request (not ideal), or re-log the Request as info... but for every use-case I can think of, the only useful info is the Timestamp and X-MS-Request-ID headers for raising a support case, both which are both in the Response anyway.

When I originally added the logging policy, I wanted the traces to be a higher visibility than the random noise of debugging so developers could see the HTTP operations without the debug spew from the service client.

But I do see your point.

One possible refinement (and possible feature creep) would be to make the debug level be configurable in the logging client options and then have identity use the debug logging level and other SDKs use Info. But that's probably overkill.

[jlaundry]

One possible refinement (and possible feature creep) would be to make the debug level be configurable in the logging client options and then have identity use the debug logging level and other SDKs use Info. But that's probably overkill.

It's valid. But other high-volume activity (i.e., regular polling of a Queue, pushing data to an Event Hub, sending traces to Log Analytics, etc.) may also need to be excluded, so we would probably end up the other way round, with Info as the option.

In most production deployment cases, unless there was a specific issue we were trying to diagnose, I would typically expect applications to run at Info level, and not see upstream API activity unless they ran with -v or -vv flags.

(I'm trying to think of counter examples, low-volume operations where you may want verbose logging to know exact timestamps of when something was done: KeyVault signing/decryption operations, database schema changes, maybe DNS changes... but in all those cases, I'd expect the application to be logging those events as well.)