diff --git a/pkg/beholder/auth.go b/pkg/beholder/auth.go
index ac02ff555..6e589745b 100644
--- a/pkg/beholder/auth.go
+++ b/pkg/beholder/auth.go
@@ -141,7 +141,8 @@ func buildAuthHeadersV2(privKey ed25519.PrivateKey, config *AuthHeaderConfig) ma
 	if config.version == "" {
 		config.version = authHeaderVersion2
 	}
-	// If timestamp is negative, set it to 0. negative values cause overflow on conversion to uint64
+	// If timestamp is negative or 0, set it to current timestamp.
+	// negative values cause overflow on conversion to uint64
 	if config.timestamp <= 0 {
 		config.timestamp = time.Now().UnixMilli()
 	}
diff --git a/pkg/beholder/auth_test.go b/pkg/beholder/auth_test.go
index 830181e5c..1b3e18aa0 100644
--- a/pkg/beholder/auth_test.go
+++ b/pkg/beholder/auth_test.go
@@ -109,6 +109,7 @@ func TestBuildAuthHeadersV2WithDefaults(t *testing.T) {
 }
 
 func TestBuildAuthHeadersV2WithNegativeTimestamp(t *testing.T) {
+	// This tests that if the timestamp is negative, it will be set it to current timestamp
 	csaPrivKey, err := generateTestCSAPrivateKey()
 	require.NoError(t, err)
 	timestamp := int64(-111)
@@ -126,7 +127,8 @@ func TestBuildAuthHeadersV2WithNegativeTimestamp(t *testing.T) {
 	_, _, timestampStr, _ := parts[0], parts[1], parts[2], parts[3]
 	timestampParsed, err := strconv.ParseInt(timestampStr, 10, 64)
 	require.NoError(t, err)
-	assert.Zero(t, timestampParsed)
+	// Verify the timestamp is within the last 50ms
+	assert.InDelta(t, time.Now().UnixMilli(), timestampParsed, 50, "timestamp should be 0")
 }
 
 func generateTestCSAPrivateKey() (ed25519.PrivateKey, error) {
diff --git a/pkg/beholder/config_test.go b/pkg/beholder/config_test.go
index 538ad5d36..0d130efd6 100644
--- a/pkg/beholder/config_test.go
+++ b/pkg/beholder/config_test.go
@@ -50,6 +50,6 @@ func ExampleConfig() {
 	}
 	fmt.Printf("%+v\n", *config.LogRetryConfig)
 	// Output:
-	// {InsecureConnection:true CACertFile: OtelExporterGRPCEndpoint:localhost:4317 OtelExporterHTTPEndpoint:localhost:4318 ResourceAttributes:[{Key:package_name Value:{vtype:4 numeric:0 stringly:beholder slice:<nil>}} {Key:sender Value:{vtype:4 numeric:0 stringly:beholderclient slice:<nil>}}] EmitterExportTimeout:1s EmitterBatchProcessor:true TraceSampleRatio:1 TraceBatchTimeout:1s TraceSpanExporter:<nil> TraceRetryConfig:<nil> MetricReaderInterval:1s MetricRetryConfig:<nil> MetricViews:[] LogExportTimeout:1s LogBatchProcessor:true LogRetryConfig:<nil> AuthPublicKeyHex: AuthHeaders:map[]}
+	// {InsecureConnection:true CACertFile: OtelExporterGRPCEndpoint:localhost:4317 OtelExporterHTTPEndpoint:localhost:4318 ResourceAttributes:[{Key:package_name Value:{vtype:4 numeric:0 stringly:beholder slice:<nil>}} {Key:sender Value:{vtype:4 numeric:0 stringly:beholderclient slice:<nil>}}] EmitterExportTimeout:1s EmitterBatchProcessor:true TraceSampleRatio:1 TraceBatchTimeout:1s TraceSpanExporter:<nil> TraceRetryConfig:<nil> MetricReaderInterval:1s MetricRetryConfig:<nil> MetricViews:[] LogExportTimeout:1s LogBatchProcessor:true LogRetryConfig:<nil> AuthPublicKeyHex: AuthHeaders:map[] AuthHeaderProvider:<nil>}
 	// {InitialInterval:5s MaxInterval:30s MaxElapsedTime:1m0s}
 }