diff --git a/.changeset/keyring-backend-tracing.md b/.changeset/keyring-backend-tracing.md
new file mode 100644
index 00000000..3d8c3c38
--- /dev/null
+++ b/.changeset/keyring-backend-tracing.md
@@ -0,0 +1,5 @@
+---
+"@googleworkspace/cli": patch
+---
+
+Route the "Using keyring backend" log line through `tracing::info!` instead of raw `eprintln!`. The line now respects `GOOGLE_WORKSPACE_CLI_LOG` (so users can suppress it via `gws=warn` as the help text already advertises) and reaches the JSON log pipeline configured by `GOOGLE_WORKSPACE_CLI_LOG_FILE`.
diff --git a/crates/google-workspace-cli/src/credential_store.rs b/crates/google-workspace-cli/src/credential_store.rs
index ffc6db25..63f4c875 100644
--- a/crates/google-workspace-cli/src/credential_store.rs
+++ b/crates/google-workspace-cli/src/credential_store.rs
@@ -356,8 +356,8 @@ fn get_or_create_key() -> anyhow::Result<[u8; 32]> {
     #[cfg(test)]
     let backend = KeyringBackend::File; // Force file to avoid native keychain prompts during test execution
 
-    // Item 5: log which backend was selected
-    eprintln!("Using keyring backend: {}", backend.as_str());
+    // Item 5: log which backend was selected (audit trail; controlled by GOOGLE_WORKSPACE_CLI_LOG)
+    tracing::info!(backend = backend.as_str(), "Using keyring backend");
 
     let username = std::env::var("USER")
         .or_else(|_| std::env::var("USERNAME"))