diff --git a/build.gradle.kts b/build.gradle.kts
index 9a5e7dd2..0944eef1 100644
--- a/build.gradle.kts
+++ b/build.gradle.kts
@@ -39,11 +39,13 @@ val wiremockVersion = "3.5.4"
 val findbugsVersion = "3.0.2"
 val bouncycastleVersion = "1.78.1"
 val hikariCPVersion = "5.1.0"
+val micrometerVersion = "1.3.5"
 
 dependencies {
 	implementation("org.springframework.boot:spring-boot-starter")
 	implementation("org.springframework.boot:spring-boot-starter-web")
 	implementation("org.springframework.boot:spring-boot-starter-actuator")
+	implementation("io.micrometer:micrometer-tracing-bridge-otel:$micrometerVersion")
 	implementation("org.springframework.boot:spring-boot-starter-data-redis")
 	implementation("org.springframework.boot:spring-boot-starter-data-mongodb")
 	implementation("org.springframework.boot:spring-boot-starter-data-jpa")
diff --git a/gradle.lockfile b/gradle.lockfile
index 95ced09a..eacdfb2c 100644
--- a/gradle.lockfile
+++ b/gradle.lockfile
@@ -1,6 +1,7 @@
 # This is a Gradle generated file for dependency locking.
 # Manual edits can break the build and are not advised.
 # This file is expected to be part of source control.
+aopalliance:aopalliance:1.0=compileClasspath
 ch.qos.logback:logback-classic:1.4.14=compileClasspath
 ch.qos.logback:logback-core:1.4.14=compileClasspath
 com.auth0:java-jwt:4.4.0=compileClasspath
@@ -19,10 +20,13 @@ com.zaxxer:HikariCP:5.1.0=compileClasspath
 io.jsonwebtoken:jjwt-api:0.12.5=compileClasspath
 io.jsonwebtoken:jjwt:0.12.5=compileClasspath
 io.lettuce:lettuce-core:6.3.2.RELEASE=compileClasspath
+io.micrometer:context-propagation:1.1.1=compileClasspath
 io.micrometer:micrometer-commons:1.12.5=compileClasspath
 io.micrometer:micrometer-core:1.12.5=compileClasspath
 io.micrometer:micrometer-jakarta9:1.12.5=compileClasspath
 io.micrometer:micrometer-observation:1.12.5=compileClasspath
+io.micrometer:micrometer-tracing-bridge-otel:1.3.5=compileClasspath
+io.micrometer:micrometer-tracing:1.2.5=compileClasspath
 io.netty:netty-buffer:4.1.109.Final=compileClasspath
 io.netty:netty-codec:4.1.109.Final=compileClasspath
 io.netty:netty-common:4.1.109.Final=compileClasspath
@@ -30,6 +34,17 @@ io.netty:netty-handler:4.1.109.Final=compileClasspath
 io.netty:netty-resolver:4.1.109.Final=compileClasspath
 io.netty:netty-transport-native-unix-common:4.1.109.Final=compileClasspath
 io.netty:netty-transport:4.1.109.Final=compileClasspath
+io.opentelemetry.instrumentation:opentelemetry-instrumentation-api-semconv:1.33.3-alpha=compileClasspath
+io.opentelemetry.instrumentation:opentelemetry-instrumentation-api:1.33.3=compileClasspath
+io.opentelemetry.semconv:opentelemetry-semconv:1.23.1-alpha=compileClasspath
+io.opentelemetry:opentelemetry-api:1.31.0=compileClasspath
+io.opentelemetry:opentelemetry-context:1.31.0=compileClasspath
+io.opentelemetry:opentelemetry-extension-trace-propagators:1.31.0=compileClasspath
+io.opentelemetry:opentelemetry-sdk-common:1.31.0=compileClasspath
+io.opentelemetry:opentelemetry-sdk-logs:1.31.0=compileClasspath
+io.opentelemetry:opentelemetry-sdk-metrics:1.31.0=compileClasspath
+io.opentelemetry:opentelemetry-sdk-trace:1.31.0=compileClasspath
+io.opentelemetry:opentelemetry-sdk:1.31.0=compileClasspath
 io.projectreactor:reactor-core:3.6.5=compileClasspath
 io.swagger.core.v3:swagger-annotations-jakarta:2.2.21=compileClasspath
 io.swagger.core.v3:swagger-core-jakarta:2.2.21=compileClasspath
diff --git a/src/main/java/it/gov/pagopa/payhub/auth/security/JwtAuthenticationFilter.java b/src/main/java/it/gov/pagopa/payhub/auth/security/JwtAuthenticationFilter.java
index ee2dad33..7bdbba2e 100644
--- a/src/main/java/it/gov/pagopa/payhub/auth/security/JwtAuthenticationFilter.java
+++ b/src/main/java/it/gov/pagopa/payhub/auth/security/JwtAuthenticationFilter.java
@@ -11,6 +11,7 @@
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.extern.slf4j.Slf4j;
+import org.slf4j.MDC;
 import org.springframework.http.HttpHeaders;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.GrantedAuthority;
@@ -47,6 +48,7 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
             if (StringUtils.hasText(authorization)) {
                 String token = authorization.replace("Bearer ", "");
                 UserInfo userInfo = validateToken(token);
+                MDC.put("externalUserId", userInfo.getMappedExternalUserId());
                 Collection<? extends GrantedAuthority> authorities = null;
                 if (userInfo.getOrganizationAccess() != null) {
                     authorities = userInfo.getOrganizations().stream()
diff --git a/src/main/java/it/gov/pagopa/payhub/auth/service/a2a/ClientCredentialServiceImpl.java b/src/main/java/it/gov/pagopa/payhub/auth/service/a2a/ClientCredentialServiceImpl.java
index 53b34142..73770cd0 100644
--- a/src/main/java/it/gov/pagopa/payhub/auth/service/a2a/ClientCredentialServiceImpl.java
+++ b/src/main/java/it/gov/pagopa/payhub/auth/service/a2a/ClientCredentialServiceImpl.java
@@ -7,6 +7,7 @@
 import it.gov.pagopa.payhub.model.generated.AccessToken;
 import it.gov.pagopa.payhub.model.generated.ClientDTO;
 import lombok.extern.slf4j.Slf4j;
+import org.slf4j.MDC;
 import org.springframework.stereotype.Service;
 
 @Service
@@ -38,6 +39,7 @@ public AccessToken postToken(String clientId, String scope, String clientSecret)
 		ClientDTO authorizedClient = authorizeClientCredentialsRequestService.authorizeCredentials(clientId, clientSecret);
 		AccessToken accessToken = accessTokenBuilderService.build();
 		IamUserInfoDTO iamUser = clientDTO2UserInfoMapper.apply(authorizedClient);
+		MDC.put("externalUserId", iamUser.getUserId());
 		tokenStoreService.save(accessToken.getAccessToken(), iamUser);
 		return accessToken;
 	}
diff --git a/src/main/java/it/gov/pagopa/payhub/auth/service/exchange/ExchangeTokenServiceImpl.java b/src/main/java/it/gov/pagopa/payhub/auth/service/exchange/ExchangeTokenServiceImpl.java
index 74e07ec7..98aee370 100644
--- a/src/main/java/it/gov/pagopa/payhub/auth/service/exchange/ExchangeTokenServiceImpl.java
+++ b/src/main/java/it/gov/pagopa/payhub/auth/service/exchange/ExchangeTokenServiceImpl.java
@@ -7,6 +7,7 @@
 import it.gov.pagopa.payhub.auth.service.TokenStoreService;
 import it.gov.pagopa.payhub.model.generated.AccessToken;
 import lombok.extern.slf4j.Slf4j;
+import org.slf4j.MDC;
 import org.springframework.stereotype.Service;
 
 import java.util.Map;
@@ -48,6 +49,7 @@ public AccessToken postToken(String clientId, String subjectToken, String subjec
         AccessToken accessToken = accessTokenBuilderService.build();
         IamUserInfoDTO iamUser = idTokenClaimsMapper.apply(claims);
         User registeredUser = iamUserRegistrationService.registerUser(iamUser);
+        MDC.put("externalUserId", registeredUser.getMappedExternalUserId());
         iamUser.setInnerUserId(registeredUser.getUserId());
         tokenStoreService.save(accessToken.getAccessToken(), iamUser);
         return accessToken;
diff --git a/src/main/java/it/gov/pagopa/payhub/auth/service/user/IamUserInfoDTO2UserInfoMapper.java b/src/main/java/it/gov/pagopa/payhub/auth/service/user/IamUserInfoDTO2UserInfoMapper.java
index a9c77e86..3b991ca3 100644
--- a/src/main/java/it/gov/pagopa/payhub/auth/service/user/IamUserInfoDTO2UserInfoMapper.java
+++ b/src/main/java/it/gov/pagopa/payhub/auth/service/user/IamUserInfoDTO2UserInfoMapper.java
@@ -19,7 +19,7 @@
 @Service
 public class IamUserInfoDTO2UserInfoMapper implements Function<IamUserInfoDTO, UserInfo> {
 
-	private static final String WS_USER_SUFFIX = "-WS_USER";
+	public static final String WS_USER_SUFFIX = "-WS_USER";
 
 	private final UsersRepository usersRepository;
 	private final OperatorsRepository operatorsRepository;
diff --git a/src/main/java/it/gov/pagopa/payhub/auth/service/user/UserServiceImpl.java b/src/main/java/it/gov/pagopa/payhub/auth/service/user/UserServiceImpl.java
index 3db585f1..965f271b 100644
--- a/src/main/java/it/gov/pagopa/payhub/auth/service/user/UserServiceImpl.java
+++ b/src/main/java/it/gov/pagopa/payhub/auth/service/user/UserServiceImpl.java
@@ -47,7 +47,7 @@ public Operator registerOperator(String userId, String organizationIpaCode, Set<
 
     @Override
     public UserInfo getUserInfo(String accessToken) {
-        log.info("Retrieving user info");
+        log.debug("Retrieving user info");
         IamUserInfoDTO userInfo = tokenStoreService.load(accessToken);
         if (userInfo == null) {
             throw new InvalidAccessTokenException("AccessToken not found");
diff --git a/src/main/resources/logback-spring.xml b/src/main/resources/logback-spring.xml
index c46c6d4c..6b101ed2 100644
--- a/src/main/resources/logback-spring.xml
+++ b/src/main/resources/logback-spring.xml
@@ -6,7 +6,7 @@
                     source="spring.application.name"/>
 
     <property name="CONSOLE_LOG_PATTERN"
-              value="%d{yyyy-MM-dd HH:mm:ss.SSS} [${appName:-}] %-5level [%15.15t] [%-40.40logger{39}] - %msg%n"/>
+              value="%d{yyyy-MM-dd HH:mm:ss.SSS} [${appName:-}] [%X{externalUserId:-}] [%X{traceId:-}] %-5level [%15.15t] [%-40.40logger{39}] - %msg%n"/>
     <property name="AUDIT_LOG_PATTERN"
               value="%msg"/>