How to best debug anonymous user role

We are migrating an Mx4 to Mx6 project and I know that Mx6 is a lot more strict in its security settings. What used to work in Mx4 does not have to work in Mx6. The deeplink still works and I see the data on this page. When the anonymous user clicks on a button on that page I end up in the login screen. So obviously I made a mistake in the security settings here. But now how to find the object that is blocking the proces? I wish there was a logging setting I could use that would show me which object I tried to retrieve that I am not allowed to anymore. And is my assumption right that when I set the loglevel of the connection bus retrieve that the problem is just before the moment where the login page is getting loaded? Or could an earlier retrieve also be the result? Now it is just trying to find the needle in the haystack..... Regards, Ronald [EDIT] Here is the timeline now how to achieve the xpath it is using...    
1 answers

The best way I've found is to trace this from the browser side. One call to a microflow or a retrieve is returning a 403 - forbidden response and redirecting you to the login page.

In your browser's dev tools in the network tab, there is a setting to preserve the network log even after redirects. You can also do the same in the console. So flip those on, and then cause your security error. If there aren't details in the console, you will find the 403 in the network log and can review the HTTP request to see which entity or microflow is the culprit.