diff --git a/roles/keycloak/defaults/main.yml b/roles/keycloak/defaults/main.yml
index 7bb3bb84..c5fe7e83 100644
--- a/roles/keycloak/defaults/main.yml
+++ b/roles/keycloak/defaults/main.yml
@@ -2,7 +2,7 @@
 ### Configuration specific to keycloak
 keycloak_version: 15.0.2
 keycloak_archive: "keycloak-{{ keycloak_version }}.zip"
-keycloak_download_url: "https://github.com/keycloak/keycloak/releases/download/{{ keycloak_version }}/{{ keycloak_archive }}"  
+keycloak_download_url: "https://github.com/keycloak/keycloak/releases/download/{{ keycloak_version }}/{{ keycloak_archive }}"
 keycloak_download_url_9x: "https://downloads.jboss.org/keycloak/{{ keycloak_version }}/{{ keycloak_archive }}"
 keycloak_installdir: "{{ keycloak_dest }}/keycloak-{{ keycloak_version }}"
 keycloak_offline_install: False
@@ -83,3 +83,5 @@ keycloak_default_jdbc:
   mariadb:
     url: 'jdbc:mariadb://localhost:3306/keycloak'
     version: 2.7.4
+# role specific vars
+keycloak_no_log: True
diff --git a/roles/keycloak/meta/argument_specs.yml b/roles/keycloak/meta/argument_specs.yml
index 29ebce8c..6efd70ee 100644
--- a/roles/keycloak/meta/argument_specs.yml
+++ b/roles/keycloak/meta/argument_specs.yml
@@ -266,6 +266,10 @@ argument_specs:
                 default: "Keycloak"
                 description: "systemd description for keycloak"
                 type: "str"
+            keycloak_no_log:
+                default: true
+                type: "bool"
+                description: "Changes default behavior for no_log for debugging purpose, do not change for production system."
     downstream:
         options:
             sso_version:
@@ -275,11 +279,11 @@ argument_specs:
             sso_rhn_id:
                 default: "{{ sso_rhn_ids[sso_version].id }}"
                 description: "Customer Portal product ID for Red Hat SSO"
-                type: "str"                
+                type: "str"
             sso_archive:
                 default: "rh-sso-{{ sso_version }}-server-dist.zip"
                 description: "Red Hat SSO install archive filename"
-                type: "str"                
+                type: "str"
             sso_dest:
                 default: "/opt/sso"
                 description: "Root installation directory"
diff --git a/roles/keycloak_realm/tasks/main.yml b/roles/keycloak_realm/tasks/main.yml
index 1544a1e3..85ee5f07 100644
--- a/roles/keycloak_realm/tasks/main.yml
+++ b/roles/keycloak_realm/tasks/main.yml
@@ -5,7 +5,7 @@
     method: POST
     body: "client_id={{ keycloak_auth_client }}&username={{ keycloak_admin_user }}&password={{ keycloak_admin_password }}&grant_type=password"
     validate_certs: no
-  no_log: True
+  no_log: "{{ keycloak_no_log | default('True') }}"
   register: keycloak_auth_response
   until: keycloak_auth_response.status == 200
   retries: 5
@@ -48,7 +48,7 @@
     provider_type: "{{ item.provider_type | default(org.keycloak.storage.UserStorageProvider) }}" 
     config: "{{ item.config }}"
     mappers: "{{ item.mappers | default(omit) }}"
-  no_log: True
+  no_log: "{{ keycloak_no_log | default('True') }}"
   register: create_user_federation_result
   loop: "{{ keycloak_user_federation | flatten }}"
   when: keycloak_user_federation is defined
@@ -91,7 +91,7 @@
     public_client: "{{ item.public_client | default(False) }}"
     protocol: "{{ item.protocol | default(omit) }}"
     state: present
-  no_log: True
+  no_log: "{{ keycloak_no_log | default('True') }}"
   register: create_client_result
   loop: "{{ keycloak_clients | flatten }}"
   when: (item.name is defined and item.client_id is defined) or (item.name is defined and item.id is defined)
diff --git a/roles/keycloak_realm/tasks/manage_client_roles.yml b/roles/keycloak_realm/tasks/manage_client_roles.yml
index 04cf2fa1..6db30fac 100644
--- a/roles/keycloak_realm/tasks/manage_client_roles.yml
+++ b/roles/keycloak_realm/tasks/manage_client_roles.yml
@@ -10,4 +10,4 @@
     auth_password: "{{ keycloak_admin_password }}"
     state: present
   loop: "{{ client.roles | flatten }}"
-  no_log: True
+  no_log: "{{ keycloak_no_log | default('True') }}"
diff --git a/roles/keycloak_realm/tasks/manage_user_roles.yml b/roles/keycloak_realm/tasks/manage_user_roles.yml
index e9d18b7b..ff803a28 100644
--- a/roles/keycloak_realm/tasks/manage_user_roles.yml
+++ b/roles/keycloak_realm/tasks/manage_user_roles.yml
@@ -14,7 +14,7 @@
     body: "client_id={{ keycloak_auth_client }}&username={{ keycloak_admin_user }}&password={{ keycloak_admin_password }}&grant_type=password"
     validate_certs: no
   register: keycloak_auth_response
-  no_log: True
+  no_log: "{{ keycloak_no_log | default('True') }}"
   until: keycloak_auth_response.status == 200
   retries: 5
   delay: 2