diff --git a/src/ReC.Application/RecActions/Commands/InvokeRecActionCommand.cs b/src/ReC.Application/RecActions/Commands/InvokeRecActionCommand.cs
index d4f33e1..4ae67bf 100644
--- a/src/ReC.Application/RecActions/Commands/InvokeRecActionCommand.cs
+++ b/src/ReC.Application/RecActions/Commands/InvokeRecActionCommand.cs
@@ -4,6 +4,9 @@ using ReC.Application.Common;
 using ReC.Application.Common.Dto;
 using ReC.Application.Common.Exceptions;
 using ReC.Application.OutResults.Commands;
+using System.Net;
+using System.Net.Http.Headers;
+using System.Text;
 using System.Text.Json;
 
 namespace ReC.Application.RecActions.Commands;
@@ -27,7 +30,17 @@ public class InvokeRecActionCommandHandler(
     public async Task<bool> Handle(InvokeRecActionCommand request, CancellationToken cancel)
     {
         var action = request.Action;
-        using var http = clientFactory.CreateClient();
+
+        var handler = new HttpClientHandler();
+        if (action.EndpointAuthType == "NTLM Auth" && !string.IsNullOrWhiteSpace(action.EndpointAuthUsername))
+        {
+            handler.Credentials = new NetworkCredential(
+                action.EndpointAuthUsername,
+                action.EndpointAuthPassword,
+                action.EndpointAuthDomain);
+        }
+        
+        using var http = new HttpClient(handler);
 
         if (action.RestType is null)
             throw new DataIntegrityException(
@@ -54,23 +67,51 @@ public class InvokeRecActionCommandHandler(
         {
             case "No Auth":
                 break;
+
             case "API Key":
+                if (action.EndpointAuthApiKey is string apiKey && action.EndpointAuthApiValue is string apiValue)
+                {
+                    if (action.EndpointAuthApiKeyAddTo == "Header")
+                    {
+                        httpReq.Headers.Add(apiKey, apiValue);
+                    }
+                    else // Defaults to Query String
+                    {
+                        var uriBuilder = new UriBuilder(httpReq.RequestUri!);
+                        var query = System.Web.HttpUtility.ParseQueryString(uriBuilder.Query);
+                        query[apiKey] = apiValue;
+                        uriBuilder.Query = query.ToString();
+                        httpReq.RequestUri = uriBuilder.Uri;
+                    }
+                }
                 break;
+
             case "Bearer Token":
-                break;
             case "JWT Bearer":
+            case "OAuth 2.0": // OAuth 2.0 uses Bearer tokens for authenticated requests
+                if (action.EndpointAuthToken is string authToken)
+                    httpReq.Headers.Authorization = new AuthenticationHeaderValue("Bearer", authToken);
                 break;
+
             case "Basic Auth":
+                if (action.EndpointAuthUsername is string authUsername && action.EndpointAuthPassword is string authPassword)
+                {
+                    var basicAuth = Convert.ToBase64String(Encoding.UTF8.GetBytes($"{authUsername}:{authPassword}"));
+                    httpReq.Headers.Authorization = new AuthenticationHeaderValue("Basic", basicAuth);
+                }
                 break;
-            case "Digest Auth":
-                break;
-            case "OAuth 1.0":
-                break;
-            case "OAuth 2.0":
-                break;
-            case "AWS Signature":
-                break;
+            
             case "NTLM Auth":
+                // NTLM authentication is configured on the HttpClientHandler before creating the HttpClient.
+                // No additional action is needed here.
+                break;
+
+            case "Digest Auth":
+            case "OAuth 1.0":
+            case "AWS Signature":
+                // These authentication methods require more complex implementations,
+                // often involving multi-step handshakes or specialized libraries.
+                // They are left as placeholders for future implementation.
                 break;
         }