diff --git a/gateway/mw_jwt.go b/gateway/mw_jwt.go
index 8b7ca8b177c..d6b38143cfc 100644
--- a/gateway/mw_jwt.go
+++ b/gateway/mw_jwt.go
@@ -937,8 +937,10 @@ func (k *JWTMiddleware) processCentralisedJWT(r *http.Request, token *jwt.Token)
 	}
 
 	oauthClientID := ""
-	// Get the OAuth client ID if available:
+	// Get the OAuth client ID if available.
+	// This step is skipped for external IDPs if IDPClientIDMappingDisabled is set to true.
 	if !k.Spec.IDPClientIDMappingDisabled {
+		k.Logger().Debug("IDP client ID mapping enabled, attempting to retrieve OAuth client ID from claims.")
 		oauthClientID = k.getOAuthClientIDFromClaim(claims)
 	}
 
@@ -984,7 +986,8 @@ func (k *JWTMiddleware) processCentralisedJWT(r *http.Request, token *jwt.Token)
 				}
 			}
 		} else {
-			k.Logger().WithError(err).Debug("Couldn't get OAuth client")
+			k.Logger().WithError(err).
+				Warnf("Failed to retrieve OAuth client. For external IDPs, consider disabling IDP client ID mapping for better performance.")
 		}
 	}