diff --git a/backend/tests/api_admin_test.rs b/backend/tests/api_admin_test.rs
index ff89c17..f3e51b2 100644
--- a/backend/tests/api_admin_test.rs
+++ b/backend/tests/api_admin_test.rs
@@ -109,17 +109,18 @@ async fn unauthenticated_admin_endpoint_returns_401() {
     }
 
     let app = common::TestApp::new().await;
+    let fake_session = "invalid-session-token-that-does-not-exist";
 
-    let (status, body) = app.get("/api/v1/admin/providers").await;
-    assert_eq!(status, StatusCode::UNAUTHORIZED, "Unauthenticated GET /admin/providers should return 401");
+    let (status, body) = app.get_with_session("/api/v1/admin/providers", fake_session).await;
+    assert_eq!(status, StatusCode::UNAUTHORIZED, "Invalid session GET /admin/providers should return 401");
     assert_eq!(body["error"], "unauthorized");
 
-    let (status2, body2) = app.get("/api/v1/admin/users").await;
-    assert_eq!(status2, StatusCode::UNAUTHORIZED, "Unauthenticated GET /admin/users should return 401");
+    let (status2, body2) = app.get_with_session("/api/v1/admin/users", fake_session).await;
+    assert_eq!(status2, StatusCode::UNAUTHORIZED, "Invalid session GET /admin/users should return 401");
     assert_eq!(body2["error"], "unauthorized");
 
-    let (status3, body3) = app.get("/api/v1/admin/rate-limits").await;
-    assert_eq!(status3, StatusCode::UNAUTHORIZED, "Unauthenticated GET /admin/rate-limits should return 401");
+    let (status3, body3) = app.get_with_session("/api/v1/admin/rate-limits", fake_session).await;
+    assert_eq!(status3, StatusCode::UNAUTHORIZED, "Invalid session GET /admin/rate-limits should return 401");
     assert_eq!(body3["error"], "unauthorized");
 }
 
@@ -745,9 +746,10 @@ async fn config_providers_without_auth_returns_401() {
     }
 
     let app = common::TestApp::new().await;
-    let (status, body) = app.get("/api/v1/config/providers").await;
+    let fake_session = "invalid-session-token-that-does-not-exist";
+    let (status, body) = app.get_with_session("/api/v1/config/providers", fake_session).await;
 
-    assert_eq!(status, StatusCode::UNAUTHORIZED, "GET /config/providers without auth should return 401");
+    assert_eq!(status, StatusCode::UNAUTHORIZED, "Invalid session GET /config/providers should return 401");
     assert_eq!(body["error"], "unauthorized");
 }