diff --git a/src/djangooidc/oidc.py b/src/djangooidc/oidc.py
index b2b1acd8e..074dbdd1c 100644
--- a/src/djangooidc/oidc.py
+++ b/src/djangooidc/oidc.py
@@ -162,7 +162,7 @@ class Client(oic.Client):
             logger.error(err)
             logger.error("Unable to parse response for %s" % state)
             raise o_e.AuthenticationFailed(locator=state)
-
+        logger.info(authn_response)
         # ErrorResponse is not raised, it is passed back...
         if isinstance(authn_response, ErrorResponse):
             error = authn_response.get("error", "")
@@ -207,7 +207,7 @@ class Client(oic.Client):
             logger.error(err)
             logger.error("Unable to request user info for %s" % state)
             raise o_e.AuthenticationFailed(locator=state)
-
+        logger.info(info_response)
         # ErrorResponse is not raised, it is passed back...
         if isinstance(info_response, ErrorResponse):
             logger.error("Unable to get user info (%s) for %s" % (info_response.get("error", ""), state))
diff --git a/src/djangooidc/views.py b/src/djangooidc/views.py
index ea893daf2..89ff6e0f8 100644
--- a/src/djangooidc/views.py
+++ b/src/djangooidc/views.py
@@ -56,6 +56,7 @@ def error_page(request, error):
 def openid(request):
     """Redirect the user to an authentication provider (OP)."""
     request.session["next"] = request.GET.get("next", "/")
+    request.session["acr_value"] = request.GET.get("acr_value",)
 
     try:
         return CLIENT.create_authn_request(request.session)
@@ -70,6 +71,13 @@ def login_callback(request):
         userinfo = CLIENT.callback(query, request.session)
         user = authenticate(request=request, **userinfo)
         if user:
+            # test for need for identity verification and if it is satisfied
+            # if not satisfied, redirect user to login with stepped up acr_value
+            if requires_step_up_auth(userinfo):
+                return 
+            # 
+            # if User.needs_identity_verification and step_up_acr_value not in 
+            # ial returned from callback, redirect to 
             login(request, user)
             logger.info("Successfully logged in user %s" % user)
             return redirect(request.session.get("next", "/"))
@@ -78,7 +86,8 @@ def login_callback(request):
     except Exception as err:
         return error_page(request, err)
 
-
+def requires_step_up_auth(userinfo):
+    step_up_acr_value = 
 def logout(request, next_page=None):
     """Redirect the user to the authentication provider (OP) logout page."""
     try: