diff --git a/keystoneauth1/session.py b/keystoneauth1/session.py
index 46e2b124..a843a4d7 100644
--- a/keystoneauth1/session.py
+++ b/keystoneauth1/session.py
@@ -200,7 +200,7 @@ class Session(object):
     def _process_header(header):
         """Redacts the secure headers to be logged."""
         secure_headers = ('authorization', 'x-auth-token',
-                          'x-subject-token',)
+                          'x-subject-token', 'x-service-token')
         if header[0].lower() in secure_headers:
             token_hasher = hashlib.sha1()
             token_hasher.update(header[1].encode('utf-8'))
diff --git a/keystoneauth1/tests/unit/test_session.py b/keystoneauth1/tests/unit/test_session.py
index 508c56a3..3c849c96 100644
--- a/keystoneauth1/tests/unit/test_session.py
+++ b/keystoneauth1/tests/unit/test_session.py
@@ -148,7 +148,8 @@ class SessionTests(utils.TestCase):
         headers = {'HEADERA': 'HEADERVALB'}
         security_headers = {'Authorization': uuid.uuid4().hex,
                             'X-Auth-Token': uuid.uuid4().hex,
-                            'X-Subject-Token': uuid.uuid4().hex, }
+                            'X-Subject-Token': uuid.uuid4().hex,
+                            'X-Service-Token': uuid.uuid4().hex}
         body = 'BODYRESPONSE'
         data = 'BODYDATA'
         all_headers = dict(
diff --git a/releasenotes/notes/bug-1654847-acdf9543158329ec.yaml b/releasenotes/notes/bug-1654847-acdf9543158329ec.yaml
new file mode 100644
index 00000000..5d066e90
--- /dev/null
+++ b/releasenotes/notes/bug-1654847-acdf9543158329ec.yaml
@@ -0,0 +1,5 @@
+---
+fixes:
+  - |
+    The ``X-Service-Token`` header value is now properly masked, and is
+    displayed as a hash value, in the log.