diff --git a/src/sentry/api/endpoints/auth_index.py b/src/sentry/api/endpoints/auth_index.py
index 5a291455c2b187..7a33871fd427c9 100644
--- a/src/sentry/api/endpoints/auth_index.py
+++ b/src/sentry/api/endpoints/auth_index.py
@@ -1,6 +1,5 @@
 import logging
 
-from django.conf import settings
 from django.contrib.auth import logout
 from django.contrib.auth.models import AnonymousUser
 from django.utils.http import url_has_allowed_host_and_scheme
@@ -33,10 +32,6 @@
 
 PREFILLED_SU_MODAL_KEY = "prefilled_su_modal"
 
-DISABLE_SU_FORM_U2F_CHECK_FOR_LOCAL = getattr(
-    settings, "DISABLE_SU_FORM_U2F_CHECK_FOR_LOCAL", False
-)
-
 
 @control_silo_endpoint
 class BaseAuthIndexEndpoint(Endpoint):
diff --git a/src/sentry/auth/superuser.py b/src/sentry/auth/superuser.py
index f2f15518f24048..5747c7ea55c556 100644
--- a/src/sentry/auth/superuser.py
+++ b/src/sentry/auth/superuser.py
@@ -179,7 +179,15 @@ def __init__(self, request, allowed_ips=UNSET, org_id=UNSET, current_datetime=No
 
     @staticmethod
     def _needs_validation():
-        if is_self_hosted() or DISABLE_SU_FORM_U2F_CHECK_FOR_LOCAL:
+        self_hosted = is_self_hosted()
+        logger.info(
+            "superuser.needs-validation",
+            extra={
+                "DISABLE_SU_FORM_U2F_CHECK_FOR_LOCAL": DISABLE_SU_FORM_U2F_CHECK_FOR_LOCAL,
+                "self_hosted": self_hosted,
+            },
+        )
+        if self_hosted or DISABLE_SU_FORM_U2F_CHECK_FOR_LOCAL:
             return False
         return settings.VALIDATE_SUPERUSER_ACCESS_CATEGORY_AND_REASON