diff --git a/.github/workflows/deploy-production-environment.yml b/.github/workflows/deploy-production-environment.yml
index 0f19b65..8e53167 100644
--- a/.github/workflows/deploy-production-environment.yml
+++ b/.github/workflows/deploy-production-environment.yml
@@ -46,6 +46,8 @@ jobs:
     environment:
       name: 'Production'
       url: ${{ steps.deploy-to-webapp.outputs.webapp-url }}
+    permissions:
+      id-token: write #This is required for requesting the JWT
 
     steps:
       - name: Download artifact from build job
diff --git a/.gitignore b/.gitignore
index e7c4eb3..7915390 100644
--- a/.gitignore
+++ b/.gitignore
@@ -8,3 +8,4 @@ config.json
 src/config.json
 .idea
 .venv
+src/record.log
diff --git a/src/webapp/api.py b/src/webapp/api.py
index 7506263..600141c 100644
--- a/src/webapp/api.py
+++ b/src/webapp/api.py
@@ -12,6 +12,8 @@
 from PIL import ImageChops
 from io import BytesIO
 from datetime import datetime
+import logging
+from logging.handlers import RotatingFileHandler
 import os
 import json
 import uuid
@@ -30,9 +32,18 @@
 # Initialize app
 app = Flask(__name__)
 logger = True
-app.logger.setLevel("INFO")
+
+#config logging
+logging.basicConfig(filename='record.log', level=logging.INFO, filemode="w", format="%(asctime)s %(levelname)s %(message)s")
+#max file size 4 MB
+handler = RotatingFileHandler(
+    filename='record.log',
+    maxBytes=4 * 1024 * 1024,
+    backupCount=5
+)
+app.logger.addHandler(handler)
+
 if "IS_PRODUCTION" in os.environ:
-    app.logger.setLevel("WARNING")
     logger = True
 if Keys.exists("CORS_ALLOWED_ORIGIN"):
     app.logger.info("cors is: " + Keys.get("CORS_ALLOWED_ORIGIN"))