diff --git a/src/ReC.Application/Common/Dto/RecActionDto.cs b/src/ReC.Application/Common/Dto/RecActionDto.cs
index 800de52..f94e61e 100644
--- a/src/ReC.Application/Common/Dto/RecActionDto.cs
+++ b/src/ReC.Application/Common/Dto/RecActionDto.cs
@@ -21,7 +21,7 @@ public record RecActionDto
 
     public long? EndpointAuthId { get; init; }
 
-    public string? EndpointAuthType { get; init; }
+    public EndpointAuthType? EndpointAuthType { get; init; }
 
     public string? EndpointAuthApiKey { get; init; }
 
diff --git a/src/ReC.Application/RecActions/Commands/InvokeRecActionCommand.cs b/src/ReC.Application/RecActions/Commands/InvokeRecActionCommand.cs
index 18d4c94..5e66c31 100644
--- a/src/ReC.Application/RecActions/Commands/InvokeRecActionCommand.cs
+++ b/src/ReC.Application/RecActions/Commands/InvokeRecActionCommand.cs
@@ -58,10 +58,10 @@ public class InvokeRecActionCommandHandler(
 
         switch (action.EndpointAuthType)
         {
-            case "No Auth":
+            case EndpointAuthType.NoAuth:
                 break;
 
-            case "API Key":
+            case EndpointAuthType.ApiKey:
                 if (action.EndpointAuthApiKey is string apiKey && action.EndpointAuthApiValue is string apiValue)
                 {
                     switch (action.EndpointAuthApiKeyAddTo)
@@ -86,14 +86,14 @@ public class InvokeRecActionCommandHandler(
                 }
                 break;
 
-            case "Bearer Token":
-            case "JWT Bearer":
-            case "OAuth 2.0": // OAuth 2.0 uses Bearer tokens for authenticated requests
+            case EndpointAuthType.BearerToken:
+            case EndpointAuthType.JwtBearer:
+            case EndpointAuthType.OAuth2:
                 if (action.EndpointAuthToken is string authToken)
                     httpReq.Headers.Authorization = new AuthenticationHeaderValue("Bearer", authToken);
                 break;
 
-            case "Basic Auth":
+            case EndpointAuthType.BasicAuth:
                 if (action.EndpointAuthUsername is string authUsername && action.EndpointAuthPassword is string authPassword)
                 {
                     var basicAuth = Convert.ToBase64String(Encoding.UTF8.GetBytes($"{authUsername}:{authPassword}"));
@@ -101,7 +101,7 @@ public class InvokeRecActionCommandHandler(
                 }
                 break;
 
-            case "NTLM Auth":
+            case EndpointAuthType.NtlmAuth:
                 if (!string.IsNullOrWhiteSpace(action.EndpointAuthUsername))
                 {
                     var credentials = new NetworkCredential(
@@ -113,9 +113,9 @@ public class InvokeRecActionCommandHandler(
                 }
                 break;
 
-            case "Digest Auth":
-            case "OAuth 1.0":
-            case "AWS Signature":
+            case EndpointAuthType.DigestAuth:
+            case EndpointAuthType.OAuth1:
+            case EndpointAuthType.AwsSignature:
             // These authentication methods require more complex implementations,
             // often involving multi-step handshakes or specialized libraries.
             // They are left as placeholders for future implementation.