Figuring out the root cause for `POST 400 /auth/v1/token?grant_type=password` errors

Hi! We're getting a fair amount of 400s for auth requests (see image). What could be the reason for that and what's a good approach to debug this? Can I inspect the malformed requests / 400s somewhere in the logs?