diff --git a/pkg/cmd/openshift-tests/run-upgrade/options.go b/pkg/cmd/openshift-tests/run-upgrade/options.go
index 34f30c4db519..2d72aeebc037 100644
--- a/pkg/cmd/openshift-tests/run-upgrade/options.go
+++ b/pkg/cmd/openshift-tests/run-upgrade/options.go
@@ -72,7 +72,10 @@ func (o *RunUpgradeSuiteOptions) UpgradeTestPreSuite() error {
 	if err := clusterdiscovery.InitializeTestFramework(exutil.TestContext, config, o.GinkgoRunSuiteOptions.DryRun); err != nil {
 		return err
 	}
-	klog.V(4).Infof("Loaded test configuration: %#v", exutil.TestContext)
+	// Redact the bearer token exposure
+	testContextString := fmt.Sprintf("%#v", exutil.TestContext)
+	redactedTestContext := exutil.RedactBearerToken(testContextString)
+	klog.V(4).Infof("Loaded test configuration: %s", redactedTestContext)
 
 	return nil
 }
diff --git a/test/extended/util/client.go b/test/extended/util/client.go
index 5e034dd6261e..1af62cd7137a 100644
--- a/test/extended/util/client.go
+++ b/test/extended/util/client.go
@@ -1040,11 +1040,16 @@ func (c *CLI) start(stdOutBuff, stdErrBuff *bytes.Buffer) (*exec.Cmd, error) {
 	return cmd, err
 }
 
+var (
+	reAuthorizationBearer = regexp.MustCompile(`Authorization:\s+Bearer.*\s+`)
+	reBearerToken         = regexp.MustCompile(`BearerToken:\s*\"[^\"]+\"`)
+)
+
 func RedactBearerToken(args string) string {
 	if strings.Contains(args, "Authorization: Bearer") {
-		// redact bearer token
-		re := regexp.MustCompile(`Authorization:\s+Bearer.*\s+`)
-		args = re.ReplaceAllString(args, "Authorization: Bearer <redacted> ")
+		args = reAuthorizationBearer.ReplaceAllString(args, "Authorization: Bearer <redacted> ")
+	} else if strings.Contains(args, "BearerToken") {
+		args = reBearerToken.ReplaceAllString(args, "BearerToken: <redacted> ")
 	}
 	return args
 }