diff --git a/docs/protocol/draft/schema.mdx b/docs/protocol/draft/schema.mdx
index d9a81347..85c3fc1f 100644
--- a/docs/protocol/draft/schema.mdx
+++ b/docs/protocol/draft/schema.mdx
@@ -2006,7 +2006,7 @@ See protocol docs: [Extensibility](https://agentclientprotocol.com/protocol/exte
 <ResponseField name="description" type={"string | null"} >
   Optional description providing more details about this authentication method.
 </ResponseField>
-<ResponseField name="env" type={"object"} >
+<ResponseField name="env" type={<a href="#envvariable">EnvVariable[]</a>} >
   Additional environment variables to set when running the agent binary for terminal auth.
 </ResponseField>
 <ResponseField name="id" type={"string"} required>
@@ -2144,7 +2144,7 @@ See protocol docs: [Extensibility](https://agentclientprotocol.com/protocol/exte
 <ResponseField name="description" type={"string | null"} >
   Optional description providing more details about this authentication method.
 </ResponseField>
-<ResponseField name="env" type={"object"} >
+<ResponseField name="env" type={<a href="#envvariable">EnvVariable[]</a>} >
   Additional environment variables to set when running the agent binary for terminal auth.
 </ResponseField>
 <ResponseField name="id" type={"string"} required>
diff --git a/docs/rfds/auth-methods.mdx b/docs/rfds/auth-methods.mdx
index 15cdbbe5..85fbf1c7 100644
--- a/docs/rfds/auth-methods.mdx
+++ b/docs/rfds/auth-methods.mdx
@@ -123,12 +123,15 @@ This requires the client to be able to run an interactive terminal for the user
   "description": "Setup Label",
   "type": "terminal",
   "args": ["--setup"],
-  "env": { "VAR1": "value1", "VAR2": "value2" }
+  "env": [
+    { "name": "VAR1", "value": "value1" },
+    { "name": "VAR2", "value": "value2" }
+  ]
 }
 ```
 
 - `args` (optional, default `[]`): Additional arguments to pass when running the agent binary.
-- `env` (optional, default `{}`): Additional environment variables to set.
+- `env` (optional, default `[]`): Additional environment variables to set, as an array of objects with `name` and `value` fields.
 
 The `command` cannot be specified, the client will invoke the exact same binary with the exact same setup. The agent can supply additional arguments and environment variables as necessary. These will be supplied in **addition** to any args/env supplied by default when the server is started. So agents will need to have a way to kickoff their interactive login flow even if normal acp commands/arguments are supplied as well.
 
diff --git a/src/agent.rs b/src/agent.rs
index b8ce81de..286cdee9 100644
--- a/src/agent.rs
+++ b/src/agent.rs
@@ -5,9 +5,6 @@
 
 use std::{path::PathBuf, sync::Arc};
 
-#[cfg(feature = "unstable_auth_methods")]
-use std::collections::HashMap;
-
 use derive_more::{Display, From};
 use schemars::JsonSchema;
 use serde::{Deserialize, Serialize};
@@ -823,8 +820,8 @@ pub struct AuthMethodTerminal {
     #[serde(default, skip_serializing_if = "Vec::is_empty")]
     pub args: Vec<String>,
     /// Additional environment variables to set when running the agent binary for terminal auth.
-    #[serde(default, skip_serializing_if = "HashMap::is_empty")]
-    pub env: HashMap<String, String>,
+    #[serde(default, skip_serializing_if = "Vec::is_empty")]
+    pub env: Vec<EnvVariable>,
     /// The _meta property is reserved by ACP to allow clients and agents to attach additional
     /// metadata to their interactions. Implementations MUST NOT make assumptions about values at
     /// these keys.
@@ -843,7 +840,7 @@ impl AuthMethodTerminal {
             name: name.into(),
             description: None,
             args: Vec::new(),
-            env: HashMap::new(),
+            env: Vec::new(),
             meta: None,
         }
     }
@@ -857,7 +854,7 @@ impl AuthMethodTerminal {
 
     /// Additional environment variables to set when running the agent binary for terminal auth.
     #[must_use]
-    pub fn env(mut self, env: HashMap<String, String>) -> Self {
+    pub fn env(mut self, env: Vec<EnvVariable>) -> Self {
         self.env = env;
         self
     }
@@ -4497,11 +4494,7 @@ mod test_serialization {
     #[cfg(feature = "unstable_auth_methods")]
     #[test]
     fn test_auth_method_terminal_with_args_and_env_serialization() {
-        use std::collections::HashMap;
-
-        let mut env = HashMap::new();
-        env.insert("TERM".to_string(), "xterm-256color".to_string());
-
+        let env = vec![EnvVariable::new("TERM", "xterm-256color")];
         let method = AuthMethod::Terminal(
             AuthMethodTerminal::new("tui-auth", "Terminal Auth")
                 .args(vec!["--interactive".to_string(), "--color".to_string()])
@@ -4516,9 +4509,9 @@ mod test_serialization {
                 "name": "Terminal Auth",
                 "type": "terminal",
                 "args": ["--interactive", "--color"],
-                "env": {
-                    "TERM": "xterm-256color"
-                }
+                "env": [
+                    { "name": "TERM", "value": "xterm-256color" }
+                ]
             })
         );
 
@@ -4527,7 +4520,8 @@ mod test_serialization {
             AuthMethod::Terminal(AuthMethodTerminal { args, env, .. }) => {
                 assert_eq!(args, vec!["--interactive", "--color"]);
                 assert_eq!(env.len(), 1);
-                assert_eq!(env.get("TERM").unwrap(), "xterm-256color");
+                assert_eq!(env[0].name, "TERM");
+                assert_eq!(env[0].value, "xterm-256color");
             }
             _ => panic!("Expected Terminal variant"),
         }