diff --git a/dist/index.js b/dist/index.js
index 63ba5a3..36bf68f 100644
--- a/dist/index.js
+++ b/dist/index.js
@@ -14022,6 +14022,7 @@ async function exportSecrets() {
     const vaultNamespace = core.getInput('namespace', { required: false });
     const extraHeaders = parseHeadersInput('extraHeaders', { required: false });
     const exportEnv = core.getInput('exportEnv', { required: false }) != 'false';
+    const exportToken = core.getInput('exportToken', { required: false }) == 'false';
 
     const secretsInput = core.getInput('secrets', { required: true });
     const secretRequests = parseSecretsInput(secretsInput);
@@ -14070,6 +14071,11 @@ async function exportSecrets() {
     defaultOptions.headers['X-Vault-Token'] = vaultToken;
     const client = got.extend(defaultOptions);
 
+    if (exportToken) {
+        command.issue('add-mask', vaultToken);
+        core.exportVariable('VAULT_TOKEN', `${vaultToken}`);
+    }
+
     const requests = secretRequests.map(request => {
         const { path, selector } = request;
         return request;
diff --git a/src/action.js b/src/action.js
index 82cd5ed..a8089d7 100644
--- a/src/action.js
+++ b/src/action.js
@@ -12,7 +12,7 @@ async function exportSecrets() {
     const vaultNamespace = core.getInput('namespace', { required: false });
     const extraHeaders = parseHeadersInput('extraHeaders', { required: false });
     const exportEnv = core.getInput('exportEnv', { required: false }) != 'false';
-    const exportToken = core.getInput('exportToken', { required: false }) != 'false';
+    const exportToken = core.getInput('exportToken', { required: false }) == 'false';
 
     const secretsInput = core.getInput('secrets', { required: true });
     const secretRequests = parseSecretsInput(secretsInput);