diff --git a/internal/config/config_core_test.go b/internal/config/config_core_test.go
index d71b0bf6..dd1f66a9 100644
--- a/internal/config/config_core_test.go
+++ b/internal/config/config_core_test.go
@@ -399,7 +399,7 @@ audience = "https://example.com"
 	require.Error(t, err)
 	assert.Nil(t, cfg)
 	assert.Contains(t, err.Error(), "auth")
-	assert.Contains(t, err.Error(), "HTTP")
+	assert.Contains(t, err.Error(), "Remove the auth configuration or change the server type to \"http\"")
 }
 
 // TestLoadFromFile_NegativePayloadSizeThresholdRejected verifies that TOML configs with
diff --git a/internal/config/config_stdin_test.go b/internal/config/config_stdin_test.go
index 7419e75c..1bf05071 100644
--- a/internal/config/config_stdin_test.go
+++ b/internal/config/config_stdin_test.go
@@ -287,7 +287,7 @@ func TestConvertStdinServerConfig_ValidationError(t *testing.T) {
 					Type: "github-oidc",
 				},
 			},
-			errorContains: "auth is only supported for HTTP servers",
+			errorContains: "server type \"stdio\"",
 		},
 	}
 
@@ -320,7 +320,7 @@ func TestConvertStdinServerConfig_StdioWithAuth(t *testing.T) {
 	var valErr *rules.ValidationError
 	require.True(t, errors.As(err, &valErr), "expected a *rules.ValidationError, got %T: %v", err, err)
 	assert.Equal(t, "auth", valErr.Field)
-	assert.Contains(t, valErr.Message, "auth is only supported for HTTP servers")
+	assert.Contains(t, valErr.Message, "server type \"stdio\"")
 	assert.Contains(t, valErr.JSONPath, "mcpServers.my-server")
 	assert.NotEmpty(t, valErr.Suggestion)
 }
diff --git a/internal/config/validation_test.go b/internal/config/validation_test.go
index c5e7802d..fa0a2d2c 100644
--- a/internal/config/validation_test.go
+++ b/internal/config/validation_test.go
@@ -991,7 +991,7 @@ func TestValidateAuthConfig(t *testing.T) {
 				},
 			},
 			shouldErr: true,
-			errMsg:    "auth is only supported for HTTP servers",
+			errMsg:    "server type \"stdio\"",
 		},
 		{
 			name: "unknown auth type is rejected",