diff --git a/pom.xml b/pom.xml
index f704d68..af2bf59 100644
--- a/pom.xml
+++ b/pom.xml
@@ -30,8 +30,8 @@
     <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
     <main.java.package>io.phasetwo.keycloak.magic</main.java.package>
     <junit.version>4.13.2</junit.version>
-    <keycloak.version>25.0.0</keycloak.version>
-    <lombok.version>1.18.32</lombok.version>
+    <keycloak.version>26.0.0</keycloak.version>
+    <lombok.version>1.18.34</lombok.version>
     <auto-service.version>1.1.1</auto-service.version>
     <ossrh.url>https://s01.oss.sonatype.org</ossrh.url>
   </properties>
diff --git a/src/main/java/io/phasetwo/keycloak/magic/MagicLink.java b/src/main/java/io/phasetwo/keycloak/magic/MagicLink.java
index f81096a..e32bb9c 100644
--- a/src/main/java/io/phasetwo/keycloak/magic/MagicLink.java
+++ b/src/main/java/io/phasetwo/keycloak/magic/MagicLink.java
@@ -117,7 +117,7 @@ public static MagicLinkActionToken createActionToken(
 
   public static MagicLinkContinuationActionToken createExpandedActionToken(
       UserModel user, String clientId, int validityInSecs, AuthenticationSessionModel authSession) {
-    log.infof(
+    log.debugf(
         "Attempting MagicLinkContinuationAuthenticator for %s, %s, %s, %s",
         user.getEmail(), clientId, authSession.getParentSession().getId(), authSession.getTabId());
 
@@ -146,9 +146,9 @@ public static MagicLinkActionToken createActionToken(
     String scope = authSession.getClientNote(OIDCLoginProtocol.SCOPE_PARAM);
     String state = authSession.getClientNote(OIDCLoginProtocol.STATE_PARAM);
     String nonce = authSession.getClientNote(OIDCLoginProtocol.NONCE_PARAM);
-    log.infof(
+    log.debugf(
         "Attempting MagicLinkAuthenticator for %s, %s, %s", user.getEmail(), clientId, redirectUri);
-    log.infof("MagicLinkAuthenticator extra vars %s %s %s %b", scope, state, nonce, rememberMe);
+    log.debugf("MagicLinkAuthenticator extra vars %s %s %s %b", scope, state, nonce, rememberMe);
     return createActionToken(
         user,
         clientId,
diff --git a/src/main/java/io/phasetwo/keycloak/magic/auth/token/MagicLinkActionTokenHandler.java b/src/main/java/io/phasetwo/keycloak/magic/auth/token/MagicLinkActionTokenHandler.java
index d475d65..f5e0b78 100644
--- a/src/main/java/io/phasetwo/keycloak/magic/auth/token/MagicLinkActionTokenHandler.java
+++ b/src/main/java/io/phasetwo/keycloak/magic/auth/token/MagicLinkActionTokenHandler.java
@@ -61,7 +61,7 @@ public boolean canUseTokenRepeatedly(
   @Override
   public Response handleToken(
       MagicLinkActionToken token, ActionTokenContext<MagicLinkActionToken> tokenContext) {
-    log.infof("handleToken for iss:%s, user:%s", token.getIssuedFor(), token.getUserId());
+    log.debugf("handleToken for iss:%s, user:%s", token.getIssuedFor(), token.getUserId());
     UserModel user = tokenContext.getAuthenticationSession().getAuthenticatedUser();
 
     final AuthenticationSessionModel authSession = tokenContext.getAuthenticationSession();
@@ -71,7 +71,7 @@ public Response handleToken(
             ? token.getRedirectUri()
             : ResolveRelative.resolveRelativeUri(
                 tokenContext.getSession(), client.getRootUrl(), client.getBaseUrl());
-    log.infof("Using redirect_uri %s", redirectUri);
+    log.debugf("Using redirect_uri %s", redirectUri);
 
     String redirect =
         RedirectUtils.verifyRedirectUri(
@@ -92,7 +92,7 @@ public Response handleToken(
 
     if (token.getScope() != null) {
       authSession.setClientNote(OAuth2Constants.SCOPE, token.getScope());
-      AuthenticationManager.setClientScopesInSession(authSession);
+      AuthenticationManager.setClientScopesInSession(tokenContext.getSession(), authSession);
     }
 
     if (token.getRememberMe() != null && token.getRememberMe()) {
diff --git a/src/main/java/io/phasetwo/keycloak/magic/auth/token/MagicLinkContinuationLinkActionTokenHandler.java b/src/main/java/io/phasetwo/keycloak/magic/auth/token/MagicLinkContinuationLinkActionTokenHandler.java
index a61311f..9bb583c 100644
--- a/src/main/java/io/phasetwo/keycloak/magic/auth/token/MagicLinkContinuationLinkActionTokenHandler.java
+++ b/src/main/java/io/phasetwo/keycloak/magic/auth/token/MagicLinkContinuationLinkActionTokenHandler.java
@@ -39,7 +39,7 @@ public MagicLinkContinuationLinkActionTokenHandler() {
   public Response handleToken(
       MagicLinkContinuationActionToken token,
       ActionTokenContext<MagicLinkContinuationActionToken> tokenContext) {
-    log.infof("HandleToken for iss:%s, user:%s", token.getIssuedFor(), token.getUserId());
+    log.debugf("HandleToken for iss:%s, user:%s", token.getIssuedFor(), token.getUserId());
     UserModel user = tokenContext.getAuthenticationSession().getAuthenticatedUser();
 
     final AuthenticationSessionModel authSession = tokenContext.getAuthenticationSession();
@@ -83,7 +83,7 @@ public Response handleToken(
   public AuthenticationSessionModel startFreshAuthenticationSession(
       MagicLinkContinuationActionToken token,
       ActionTokenContext<MagicLinkContinuationActionToken> tokenContext) {
-    log.infof("startFreshAuthenticationSession %s", token.getIssuedFor());
+    log.debugf("startFreshAuthenticationSession %s", token.getIssuedFor());
 
     ClientModel client =
         tokenContext
diff --git a/src/main/java/io/phasetwo/keycloak/magic/resources/MagicLinkResource.java b/src/main/java/io/phasetwo/keycloak/magic/resources/MagicLinkResource.java
index c7aaa78..889af87 100644
--- a/src/main/java/io/phasetwo/keycloak/magic/resources/MagicLinkResource.java
+++ b/src/main/java/io/phasetwo/keycloak/magic/resources/MagicLinkResource.java
@@ -79,7 +79,7 @@ public MagicLinkResponse createMagicLink(final MagicLinkRequest rep) {
     boolean sent = false;
     if (sendEmail) {
       sent = MagicLink.sendMagicLinkEmail(session, user, link);
-      log.infof("sent email to %s? %b. Link? %s", rep.getEmail(), sent, link);
+      log.debugf("sent email to %s? %b. Link? %s", rep.getEmail(), sent, link);
     }
 
     MagicLinkResponse resp = new MagicLinkResponse();