diff --git a/lib/bundler/settings.rb b/lib/bundler/settings.rb
index abf7db21b4..450f57e3d3 100644
--- a/lib/bundler/settings.rb
+++ b/lib/bundler/settings.rb
@@ -419,7 +419,15 @@ module Bundler
       elsif is_credential(key)
         "[REDACTED]"
       elsif is_userinfo(converted)
-        converted.gsub(/:.*$/, ":[REDACTED]")
+        username, pass = converted.split(":")
+
+        if pass == "x-oauth-basic"
+          username = "[REDACTED]"
+        else
+          pass = "[REDACTED]"
+        end
+
+        [username, pass].join(":")
       else
         converted
       end
diff --git a/spec/bundler/bundler/env_spec.rb b/spec/bundler/bundler/env_spec.rb
index 5d3aeec226..a6f4b2ba85 100644
--- a/spec/bundler/bundler/env_spec.rb
+++ b/spec/bundler/bundler/env_spec.rb
@@ -127,6 +127,20 @@ RSpec.describe Bundler::Env do
       end
     end
 
+    context "when there's bundler config with OAuth token credentials" do
+      before do
+        bundle "config set https://localgemserver.test/ api_token:x-oauth-basic"
+      end
+
+      let(:output) { described_class.report(:print_gemfile => true) }
+
+      it "prints the config with redacted values" do
+        expect(output).to include("https://localgemserver.test")
+        expect(output).to include("[REDACTED]:x-oauth-basic")
+        expect(output).to_not include("api_token:x-oauth-basic")
+      end
+    end
+
     context "when Gemfile contains a gemspec and print_gemspecs is true" do
       let(:gemspec) do
         strip_whitespace(<<-GEMSPEC)
diff --git a/spec/bundler/commands/config_spec.rb b/spec/bundler/commands/config_spec.rb
index 48f0ceab78..2d0a7dc989 100644
--- a/spec/bundler/commands/config_spec.rb
+++ b/spec/bundler/commands/config_spec.rb
@@ -440,6 +440,14 @@ E
       expect(out).to eq "gems.myserver.com=user:password\nspec_run=true"
     end
 
+    it "list with API token credentials" do
+      bundle "config list", :env => { "BUNDLE_GEMS__MYSERVER__COM" => "api_token:x-oauth-basic" }
+      expect(out).to eq "Settings are listed in order of priority. The top value will be used.\ngems.myserver.com\nSet via BUNDLE_GEMS__MYSERVER__COM: \"[REDACTED]:x-oauth-basic\"\n\nspec_run\nSet via BUNDLE_SPEC_RUN: \"true\""
+
+      bundle "config list", :parseable => true, :env => { "BUNDLE_GEMS__MYSERVER__COM" => "api_token:x-oauth-basic" }
+      expect(out).to eq "gems.myserver.com=api_token:x-oauth-basic\nspec_run=true"
+    end
+
     it "get" do
       ENV["BUNDLE_BAR"] = "bar_val"