diff --git a/tests/ReC.Tests/Client/EndpointAuthApiTests.cs b/tests/ReC.Tests/Client/EndpointAuthApiTests.cs
new file mode 100644
index 0000000..98bf082
--- /dev/null
+++ b/tests/ReC.Tests/Client/EndpointAuthApiTests.cs
@@ -0,0 +1,91 @@
+using ReC.Application.Common.Procedures.UpdateProcedure.Dto;
+using ReC.Application.EndpointAuth.Commands;
+using ReC.Client;
+
+namespace ReC.Tests.Client;
+
+[TestFixture]
+public class EndpointAuthApiTests : RecClientTestBase
+{
+    [Test]
+    public void ReCClient_endpoint_auth_api_is_resolvable_through_dependency_injection()
+    {
+        var (client, scope) = CreateScopedClient();
+        using var _ = scope;
+
+        Assert.That(client, Is.Not.Null);
+        Assert.That(client.EndpointAuth, Is.Not.Null);
+    }
+
+    [Test]
+    public void CreateAsync_with_minimal_payload_throws_or_completes()
+    {
+        var (client, scope) = CreateScopedClient();
+        using var _ = scope;
+
+        var payload = new InsertEndpointAuthCommand
+        {
+            Active = true,
+            Description = "integration-test-auth",
+            TypeId = 1
+        };
+
+        try
+        {
+            client.EndpointAuth.CreateAsync(payload).GetAwaiter().GetResult();
+            Assert.Pass("Create completed.");
+        }
+        catch (ReCApiException ex)
+        {
+            Assert.That(ex.Method, Is.EqualTo("POST"));
+            Assert.That(ex.RequestUri!.AbsolutePath, Does.EndWith("api/EndpointAuth"));
+        }
+    }
+
+    [Test]
+    public void UpdateAsync_with_unknown_id_throws_or_completes()
+    {
+        var (client, scope) = CreateScopedClient();
+        using var _ = scope;
+
+        var payload = new UpdateEndpointAuthDto
+        {
+            Active = false,
+            Description = "updated"
+        };
+
+        try
+        {
+            client.EndpointAuth.UpdateAsync(long.MaxValue, payload).GetAwaiter().GetResult();
+            Assert.Pass("Update completed.");
+        }
+        catch (ReCApiException ex)
+        {
+            Assert.That(ex.Method, Is.EqualTo("PUT"));
+        }
+    }
+
+    [Test]
+    public void DeleteAsync_sends_payload_as_query_string()
+    {
+        var (client, scope) = CreateScopedClient();
+        using var _ = scope;
+
+        var payload = new DeleteEndpointAuthCommand
+        {
+            Start = long.MaxValue - 1,
+            End = long.MaxValue,
+            Force = false
+        };
+
+        try
+        {
+            client.EndpointAuth.DeleteAsync(payload).GetAwaiter().GetResult();
+        }
+        catch (ReCApiException ex)
+        {
+            Assert.That(ex.Method, Is.EqualTo("DELETE"));
+            Assert.That(ex.RequestUri!.Query, Does.Contain("Start=").And.Contains("End=").And.Contains("Force="));
+        }
+    }
+}