diff --git a/src/Authentication/Authentication.Core/Utilities/AuthenticationHelpers.cs b/src/Authentication/Authentication.Core/Utilities/AuthenticationHelpers.cs
index d7981db84c9..86bda5def4e 100644
--- a/src/Authentication/Authentication.Core/Utilities/AuthenticationHelpers.cs
+++ b/src/Authentication/Authentication.Core/Utilities/AuthenticationHelpers.cs
@@ -2,11 +2,13 @@
 //  Copyright (c) Microsoft Corporation.  All Rights Reserved.  Licensed under the MIT License.  See License in the project root for license information.
 // ------------------------------------------------------------------------------
 using Azure.Core;
+using Azure.Core.Diagnostics;
 using Azure.Identity;
 using Microsoft.Graph.PowerShell.Authentication.Core.Extensions;
 using Microsoft.Identity.Client;
 using Microsoft.Identity.Client.Extensions.Msal;
 using System;
+using System.Diagnostics.Tracing;
 using System.Globalization;
 using System.IO;
 using System.Linq;
@@ -201,8 +203,14 @@ public static async Task<IAuthContext> AuthenticateAsync(IAuthContext authContex
             {
                 try
                 {
-                    signInAuthContext = await SignInAsync(authContext, cancellationToken).ConfigureAwait(false);
-                    retrySignIn = false;
+                    // Write MSAL logs to debug stream.
+                    using (AzureEventSourceListener listener = new AzureEventSourceListener(
+                        (args, message) => GraphSession.Instance.OutputWriter.WriteDebug($"{message}"),
+                        level: EventLevel.Informational))
+                    {
+                        signInAuthContext = await SignInAsync(authContext, cancellationToken).ConfigureAwait(false);
+                        retrySignIn = false;
+                    };
                 }
                 catch (AuthenticationFailedException authEx)
                 {
diff --git a/src/Authentication/Authentication/test/Connect-MgGraph.Tests.ps1 b/src/Authentication/Authentication/test/Connect-MgGraph.Tests.ps1
index 8e07a5f4f5c..06f213272df 100644
--- a/src/Authentication/Authentication/test/Connect-MgGraph.Tests.ps1
+++ b/src/Authentication/Authentication/test/Connect-MgGraph.Tests.ps1
@@ -95,9 +95,17 @@ Describe 'Connect-MgGraph In App Mode' {
     }
 
 }
+
 Describe 'Connect-MgGraph Dependency Resolution' {
     It 'Should load Mg module side by side with Az module.' {
         { Connect-AzAccount -ApplicationId $RandomClientId -CertificateThumbprint "Invalid" -Tenant "Invalid" -ErrorAction Stop } | Should -Throw -ExpectedMessage "*Could not find tenant id*"
         { Connect-MgGraph -TenantId "thisdomaindoesnotexist.com" -ErrorAction Stop -UseDeviceAuthentication } | Should -Throw -ExpectedMessage "*AADSTS90002*"
     }
+}
+
+Describe 'Connect-MgGraph Logging' {
+    It 'Should write MSAL logs to debug stream.' {
+        $MgDebugStream = $(Connect-MgGraph -TenantId "thisdomaindoesnotexist.com" -UseDeviceAuthentication -Debug -ErrorAction SilentlyContinue) 5>&1
+        $MgDebugStream[0] | Should -Match "DeviceCodeCredential.Authenticate invoked. Scopes: \[ User.Read \]"
+    }
 }
\ No newline at end of file