diff --git a/changelogs/unreleased/client-identity.yml b/changelogs/unreleased/client-identity.yml
new file mode 100644
index 0000000000000000000000000000000000000000..0f4c30f712cf9fa2e2fece41e6df9fdcccc54ae5
--- /dev/null
+++ b/changelogs/unreleased/client-identity.yml
@@ -0,0 +1,5 @@
+---
+title: Support for logging propagated client identity
+merge_request: 2802
+author:
+type: added
diff --git a/internal/middleware/metadatahandler/metadatahandler.go b/internal/middleware/metadatahandler/metadatahandler.go
index 70e38b7cdf671798732a92e5bf2f50b83caa2fdd..cfe5cb1a41ae72d13c5eb9d959c57ad951e388de 100644
--- a/internal/middleware/metadatahandler/metadatahandler.go
+++ b/internal/middleware/metadatahandler/metadatahandler.go
@@ -49,6 +49,15 @@ const AuthVersionKey = "grpc.meta.auth_version"
 // DeadlineTypeKey is the key used in ctx_tags to store the deadline type
 const DeadlineTypeKey = "grpc.meta.deadline_type"
 
+// RemoteIPKey is the key used in ctx_tags to store the remote_ip
+const RemoteIPKey = "remote_ip"
+
+// UserIDKey is the key used in ctx_tags to store the user_id
+const UserIDKey = "user_id"
+
+// UsernameKey is the key used in ctx_tags to store the username
+const UsernameKey = "username"
+
 // CorrelationIDKey is the key used in ctx_tags to store the correlation ID
 const CorrelationIDKey = "correlation_id"
 
@@ -117,6 +126,21 @@ func addMetadataTags(ctx context.Context) metadataTags {
 		tags.Set(AuthVersionKey, authInfo.Version)
 	}
 
+	metadata = getFromMD(md, "remote_ip")
+	if metadata != "" {
+		tags.Set(RemoteIPKey, metadata)
+	}
+
+	metadata = getFromMD(md, "user_id")
+	if metadata != "" {
+		tags.Set(UserIDKey, metadata)
+	}
+
+	metadata = getFromMD(md, "username")
+	if metadata != "" {
+		tags.Set(UsernameKey, metadata)
+	}
+
 	// This is a stop-gap approach to logging correlation_ids
 	correlationID := correlation.ExtractFromContext(ctx)
 	if correlationID != "" {