The messages ELY23012 and ELY23013 are currently logged on level ERROR.

Example:

14:35:05,357 ERROR [org.wildfly.security.http.oidc] (default task-710) ELY23012: Refresh token failure status: 400 {"error":"invalid_grant","error_description":"Session not active"}

14:35:16,132 ERROR [org.wildfly.security.http.oidc] (default task-698) ELY23013: Failed verification of token: ELY23051: Invalid bearer token 

The log level for these messages should be reduced to WARN because non of these issues require attention by developers or operations.

A failed token refresh is not an error, e.g. the token can be revoked.

An invalid bearer token is a problem on the client side, but not an error on the server side.