diff --git a/cmd/kubeadm/app/util/kubeconfig/kubeconfig.go b/cmd/kubeadm/app/util/kubeconfig/kubeconfig.go
index 461dac0032e..3494960f640 100644
--- a/cmd/kubeadm/app/util/kubeconfig/kubeconfig.go
+++ b/cmd/kubeadm/app/util/kubeconfig/kubeconfig.go
@@ -124,7 +124,7 @@ func HasAuthenticationCredentials(config *clientcmdapi.Config) bool {
 	}
 
 	// token authentication
-	if len(authInfo.Token) != 0 {
+	if len(authInfo.Token) != 0 || len(authInfo.TokenFile) != 0 {
 		return true
 	}
 
@@ -139,6 +139,16 @@ func HasAuthenticationCredentials(config *clientcmdapi.Config) bool {
 		return true
 	}
 
+	// exec authentication
+	if authInfo.Exec != nil && len(authInfo.Exec.Command) != 0 {
+		return true
+	}
+
+	// authprovider authentication
+	if authInfo.AuthProvider != nil && len(authInfo.AuthProvider.Name) != 0 {
+		return true
+	}
+
 	return false
 }
 
@@ -166,6 +176,14 @@ func EnsureAuthenticationInfoAreEmbedded(config *clientcmdapi.Config) error {
 		authInfo.ClientKeyData = clientKey
 		authInfo.ClientKey = ""
 	}
+	if len(authInfo.Token) == 0 && len(authInfo.TokenFile) != 0 {
+		tokenBytes, err := os.ReadFile(authInfo.TokenFile)
+		if err != nil {
+			return errors.Wrap(err, "error while reading token file defined in kubeconfig")
+		}
+		authInfo.Token = string(tokenBytes)
+		authInfo.TokenFile = ""
+	}
 
 	return nil
 }
diff --git a/cmd/kubeadm/app/util/kubeconfig/kubeconfig_test.go b/cmd/kubeadm/app/util/kubeconfig/kubeconfig_test.go
index 66dee617a3c..f471f763879 100644
--- a/cmd/kubeadm/app/util/kubeconfig/kubeconfig_test.go
+++ b/cmd/kubeadm/app/util/kubeconfig/kubeconfig_test.go
@@ -313,6 +313,24 @@ func TestHasCredentials(t *testing.T) {
 			},
 			expected: true,
 		},
+		{
+			name: "exec authentication credentials",
+			config: &clientcmdapi.Config{
+				CurrentContext: "kubernetes",
+				Contexts:       map[string]*clientcmdapi.Context{"kubernetes": {AuthInfo: "kubernetes"}},
+				AuthInfos:      map[string]*clientcmdapi.AuthInfo{"kubernetes": {Exec: &clientcmdapi.ExecConfig{Command: "command"}}},
+			},
+			expected: true,
+		},
+		{
+			name: "authprovider authentication credentials",
+			config: &clientcmdapi.Config{
+				CurrentContext: "kubernetes",
+				Contexts:       map[string]*clientcmdapi.Context{"kubernetes": {AuthInfo: "kubernetes"}},
+				AuthInfos:      map[string]*clientcmdapi.AuthInfo{"kubernetes": {AuthProvider: &clientcmdapi.AuthProviderConfig{Name: "A"}}},
+			},
+			expected: true,
+		},
 	}
 	for _, rt := range testCases {
 		t.Run(rt.name, func(t *testing.T) {