From 4618b06e350a75336cfad56f589224929e4f8a7a Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Wed, 21 Jan 2026 17:00:22 +0000
Subject: [PATCH 01/18] Initial plan


From e4c09d2080d3da6462a55a57d39326f6a6153eaf Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Wed, 21 Jan 2026 17:07:49 +0000
Subject: [PATCH 02/18] Updated plan with new requirements

Co-authored-by: JerryNixon <1749983+JerryNixon@users.noreply.github.com>
---
 src/Config/ObjectModel/AuthenticationOptions.cs        | 10 +++++++++-
 .../AuthenticationHelpers/SupportedAuthNProviders.cs   |  2 ++
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/src/Config/ObjectModel/AuthenticationOptions.cs b/src/Config/ObjectModel/AuthenticationOptions.cs
index a937168493..036f55876f 100644
--- a/src/Config/ObjectModel/AuthenticationOptions.cs
+++ b/src/Config/ObjectModel/AuthenticationOptions.cs
@@ -32,9 +32,17 @@ public record AuthenticationOptions(string Provider = nameof(EasyAuthType.AppSer
     /// <returns>True when development mode should authenticate all requests.</returns>
     public bool IsAuthenticationSimulatorEnabled() => Provider.Equals(SIMULATOR_AUTHENTICATION, StringComparison.OrdinalIgnoreCase);
 
+    public const string UNAUTHENTICATED_AUTHENTICATION = "Unauthenticated";
+
+    /// <summary>
+    /// Returns whether the configured Provider value matches the unauthenticated authentication type.
+    /// </summary>
+    /// <returns>True when all operations run as anonymous.</returns>
+    public bool IsUnauthenticatedAuthenticationProvider() => Provider.Equals(UNAUTHENTICATED_AUTHENTICATION, StringComparison.OrdinalIgnoreCase);
+
     /// <summary>
     /// A shorthand method to determine whether JWT is configured for the current authentication provider.
     /// </summary>
     /// <returns>True if the provider is enabled for JWT, otherwise false.</returns>
-    public bool IsJwtConfiguredIdentityProvider() => !IsEasyAuthAuthenticationProvider() && !IsAuthenticationSimulatorEnabled();
+    public bool IsJwtConfiguredIdentityProvider() => !IsEasyAuthAuthenticationProvider() && !IsAuthenticationSimulatorEnabled() && !IsUnauthenticatedAuthenticationProvider();
 };
diff --git a/src/Core/AuthenticationHelpers/SupportedAuthNProviders.cs b/src/Core/AuthenticationHelpers/SupportedAuthNProviders.cs
index 70a6809074..cc543ee28e 100644
--- a/src/Core/AuthenticationHelpers/SupportedAuthNProviders.cs
+++ b/src/Core/AuthenticationHelpers/SupportedAuthNProviders.cs
@@ -14,4 +14,6 @@ internal static class SupportedAuthNProviders
     public const string SIMULATOR = "Simulator";
 
     public const string STATIC_WEB_APPS = "StaticWebApps";
+
+    public const string UNAUTHENTICATED = "Unauthenticated";
 }

From f63c338416d928e0316359c039438e8cb0c552b3 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Wed, 21 Jan 2026 17:19:23 +0000
Subject: [PATCH 03/18] Add Unauthenticated authentication provider with CLI
 support, tests, and JSON schema

Co-authored-by: JerryNixon <1749983+JerryNixon@users.noreply.github.com>
---
 global.json                                   |  2 +-
 schemas/dab.draft.schema.json                 |  4 ++
 src/Cli.Tests/InitTests.cs                    |  1 +
 ...ionProviders_47836da0dfbdc458.verified.txt | 50 +++++++++++++++++++
 src/Cli.Tests/ValidateConfigTests.cs          | 33 ++++++++++++
 src/Cli/ConfigGenerator.cs                    | 22 ++++++++
 src/Cli/Utils.cs                              |  7 +--
 ...nticatedAuthenticationBuilderExtensions.cs | 34 +++++++++++++
 .../UnauthenticatedAuthenticationDefaults.cs  | 15 ++++++
 .../UnauthenticatedAuthenticationHandler.cs   | 49 ++++++++++++++++++
 src/Service/Startup.cs                        | 11 +++-
 11 files changed, 222 insertions(+), 6 deletions(-)
 create mode 100644 src/Cli.Tests/Snapshots/InitTests.EnsureCorrectConfigGenerationWithDifferentAuthenticationProviders_47836da0dfbdc458.verified.txt
 create mode 100644 src/Core/AuthenticationHelpers/UnauthenticatedAuthenticationHandler/UnauthenticatedAuthenticationBuilderExtensions.cs
 create mode 100644 src/Core/AuthenticationHelpers/UnauthenticatedAuthenticationHandler/UnauthenticatedAuthenticationDefaults.cs
 create mode 100644 src/Core/AuthenticationHelpers/UnauthenticatedAuthenticationHandler/UnauthenticatedAuthenticationHandler.cs

diff --git a/global.json b/global.json
index 1bdb496ef0..285b9d3725 100644
--- a/global.json
+++ b/global.json
@@ -1,6 +1,6 @@
 {
   "sdk": {
-    "version": "8.0.417",
+    "version": "8.0.416",
     "rollForward": "latestFeature"
   }
 }
diff --git a/schemas/dab.draft.schema.json b/schemas/dab.draft.schema.json
index b684cc28ac..b441b57303 100644
--- a/schemas/dab.draft.schema.json
+++ b/schemas/dab.draft.schema.json
@@ -368,6 +368,10 @@
                     {
                       "const": "Custom",
                       "description": "Custom authentication provider defined by the user. Use the JWT property to configure the custom provider."
+                    },
+                    {
+                      "const": "Unauthenticated",
+                      "description": "Unauthenticated provider where all operations run as anonymous. Use when Data API builder is behind an app gateway or APIM where authentication is handled externally."
                     }
                   ],
                   "default": "AppService"
diff --git a/src/Cli.Tests/InitTests.cs b/src/Cli.Tests/InitTests.cs
index 051bfdf7a7..96ba1ad66b 100644
--- a/src/Cli.Tests/InitTests.cs
+++ b/src/Cli.Tests/InitTests.cs
@@ -301,6 +301,7 @@ public void EnsureFailureOnReInitializingExistingConfig()
         [DataRow("StaticWebApps", null, null, DisplayName = "StaticWebApps with no audience and no issuer specified.")]
         [DataRow("AppService", null, null, DisplayName = "AppService with no audience and no issuer specified.")]
         [DataRow("Simulator", null, null, DisplayName = "Simulator with no audience and no issuer specified.")]
+        [DataRow("Unauthenticated", null, null, DisplayName = "Unauthenticated with no audience and no issuer specified.")]
         [DataRow("AzureAD", "aud-xxx", "issuer-xxx", DisplayName = "AzureAD with both audience and issuer specified.")]
         [DataRow("EntraID", "aud-xxx", "issuer-xxx", DisplayName = "EntraID with both audience and issuer specified.")]
         public Task EnsureCorrectConfigGenerationWithDifferentAuthenticationProviders(
diff --git a/src/Cli.Tests/Snapshots/InitTests.EnsureCorrectConfigGenerationWithDifferentAuthenticationProviders_47836da0dfbdc458.verified.txt b/src/Cli.Tests/Snapshots/InitTests.EnsureCorrectConfigGenerationWithDifferentAuthenticationProviders_47836da0dfbdc458.verified.txt
new file mode 100644
index 0000000000..55843cf207
--- /dev/null
+++ b/src/Cli.Tests/Snapshots/InitTests.EnsureCorrectConfigGenerationWithDifferentAuthenticationProviders_47836da0dfbdc458.verified.txt
@@ -0,0 +1,50 @@
+{
+  DataSource: {
+    DatabaseType: MSSQL,
+    Options: {
+      set-session-context: false
+    }
+  },
+  Runtime: {
+    Rest: {
+      Enabled: true,
+      Path: /api,
+      RequestBodyStrict: true
+    },
+    GraphQL: {
+      Enabled: true,
+      Path: /graphql,
+      AllowIntrospection: true
+    },
+    Mcp: {
+      Enabled: true,
+      Path: /mcp,
+      DmlTools: {
+        AllToolsEnabled: true,
+        DescribeEntities: true,
+        CreateRecord: true,
+        ReadRecords: true,
+        UpdateRecord: true,
+        DeleteRecord: true,
+        ExecuteEntity: true,
+        UserProvidedAllTools: false,
+        UserProvidedDescribeEntities: false,
+        UserProvidedCreateRecord: false,
+        UserProvidedReadRecords: false,
+        UserProvidedUpdateRecord: false,
+        UserProvidedDeleteRecord: false,
+        UserProvidedExecuteEntity: false
+      }
+    },
+    Host: {
+      Cors: {
+        AllowCredentials: false
+      },
+      Authentication: {
+        Provider: Unauthenticated
+      },
+      Mode: Production
+    }
+  },
+  Entities: []
+}
diff --git a/src/Cli.Tests/ValidateConfigTests.cs b/src/Cli.Tests/ValidateConfigTests.cs
index e40a32e291..a92ac07c2b 100644
--- a/src/Cli.Tests/ValidateConfigTests.cs
+++ b/src/Cli.Tests/ValidateConfigTests.cs
@@ -1,6 +1,7 @@
 // Copyright (c) Microsoft Corporation.
 // Licensed under the MIT License.
 
+using Azure.DataApiBuilder.Config.ObjectModel;
 using Azure.DataApiBuilder.Core.Configurations;
 using Azure.DataApiBuilder.Core.Models;
 using Serilog;
@@ -359,4 +360,36 @@ private async Task ValidatePropertyOptionsFails(ConfigureOptions options)
         JsonSchemaValidationResult result = await validator.ValidateConfigSchema(config, TEST_RUNTIME_CONFIG_FILE, mockLoggerFactory.Object);
         Assert.IsFalse(result.IsValid);
     }
+
+    /// <summary>
+    /// Test that the Unauthenticated provider is correctly identified by the IsUnauthenticatedAuthenticationProvider method.
+    /// </summary>
+    [TestMethod]
+    public void TestIsUnauthenticatedAuthenticationProviderMethod()
+    {
+        // Test with Unauthenticated provider
+        AuthenticationOptions unauthenticatedOptions = new(Provider: "Unauthenticated");
+        Assert.IsTrue(unauthenticatedOptions.IsUnauthenticatedAuthenticationProvider());
+
+        // Test case-insensitivity
+        AuthenticationOptions unauthenticatedOptionsLower = new(Provider: "unauthenticated");
+        Assert.IsTrue(unauthenticatedOptionsLower.IsUnauthenticatedAuthenticationProvider());
+
+        // Test that other providers are not identified as Unauthenticated
+        AuthenticationOptions appServiceOptions = new(Provider: "AppService");
+        Assert.IsFalse(appServiceOptions.IsUnauthenticatedAuthenticationProvider());
+
+        AuthenticationOptions simulatorOptions = new(Provider: "Simulator");
+        Assert.IsFalse(simulatorOptions.IsUnauthenticatedAuthenticationProvider());
+    }
+
+    /// <summary>
+    /// Test that Unauthenticated provider does not require JWT configuration.
+    /// </summary>
+    [TestMethod]
+    public void TestUnauthenticatedProviderDoesNotRequireJwt()
+    {
+        AuthenticationOptions unauthenticatedOptions = new(Provider: "Unauthenticated");
+        Assert.IsFalse(unauthenticatedOptions.IsJwtConfiguredIdentityProvider());
+    }
 }
diff --git a/src/Cli/ConfigGenerator.cs b/src/Cli/ConfigGenerator.cs
index 648edc1950..e0e36a1851 100644
--- a/src/Cli/ConfigGenerator.cs
+++ b/src/Cli/ConfigGenerator.cs
@@ -2444,6 +2444,28 @@ public static bool IsConfigValid(ValidateOptions options, FileSystemRuntimeConfi
                             }
                         }
                     }
+
+                    // Warn if Unauthenticated provider is used with authenticated or custom roles
+                    if (config.Runtime?.Host?.Authentication?.IsUnauthenticatedAuthenticationProvider() == true)
+                    {
+                        foreach (KeyValuePair<string, Entity> entity in config.Entities)
+                        {
+                            if (entity.Value.Permissions is not null)
+                            {
+                                foreach (EntityPermission permission in entity.Value.Permissions)
+                                {
+                                    if (!permission.Role.Equals("anonymous", StringComparison.OrdinalIgnoreCase))
+                                    {
+                                        _logger.LogWarning(
+                                            "Entity '{EntityName}' has permission configured for role '{Role}' but authentication provider is 'Unauthenticated'. " +
+                                            "All requests will be treated as anonymous.",
+                                            entity.Key,
+                                            permission.Role);
+                                    }
+                                }
+                            }
+                        }
+                    }
                 }
             }
 
diff --git a/src/Cli/Utils.cs b/src/Cli/Utils.cs
index 48edd4411c..28d61e18b8 100644
--- a/src/Cli/Utils.cs
+++ b/src/Cli/Utils.cs
@@ -516,11 +516,12 @@ public static bool ValidateAudienceAndIssuerForJwtProvider(
             string? issuer)
         {
             if (Enum.TryParse<EasyAuthType>(authenticationProvider, ignoreCase: true, out _)
-                || AuthenticationOptions.SIMULATOR_AUTHENTICATION == authenticationProvider)
+                || AuthenticationOptions.SIMULATOR_AUTHENTICATION == authenticationProvider
+                || AuthenticationOptions.UNAUTHENTICATED_AUTHENTICATION.Equals(authenticationProvider, StringComparison.OrdinalIgnoreCase))
             {
                 if (!(string.IsNullOrWhiteSpace(audience)) || !(string.IsNullOrWhiteSpace(issuer)))
                 {
-                    _logger.LogWarning("Audience and Issuer can't be set for EasyAuth or Simulator authentication.");
+                    _logger.LogWarning("Audience and Issuer can't be set for EasyAuth, Simulator, or Unauthenticated authentication.");
                     return true;
                 }
             }
@@ -528,7 +529,7 @@ public static bool ValidateAudienceAndIssuerForJwtProvider(
             {
                 if (string.IsNullOrWhiteSpace(audience) || string.IsNullOrWhiteSpace(issuer))
                 {
-                    _logger.LogError($"Authentication providers other than EasyAuth and Simulator require both Audience and Issuer.");
+                    _logger.LogError($"Authentication providers other than EasyAuth, Simulator, and Unauthenticated require both Audience and Issuer.");
                     return false;
                 }
             }
diff --git a/src/Core/AuthenticationHelpers/UnauthenticatedAuthenticationHandler/UnauthenticatedAuthenticationBuilderExtensions.cs b/src/Core/AuthenticationHelpers/UnauthenticatedAuthenticationHandler/UnauthenticatedAuthenticationBuilderExtensions.cs
new file mode 100644
index 0000000000..acb69d1755
--- /dev/null
+++ b/src/Core/AuthenticationHelpers/UnauthenticatedAuthenticationHandler/UnauthenticatedAuthenticationBuilderExtensions.cs
@@ -0,0 +1,34 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT License.
+
+using Microsoft.AspNetCore.Authentication;
+
+namespace Azure.DataApiBuilder.Core.AuthenticationHelpers.UnauthenticatedAuthenticationHandler;
+
+/// <summary>
+/// Extension methods related to Unauthenticated authentication.
+/// This class allows setting up Unauthenticated authentication in the startup class with
+/// a single call to .AddAuthentiction(scheme).AddUnauthenticatedAuthentication()
+/// </summary>
+public static class UnauthenticatedAuthenticationBuilderExtensions
+{
+    /// <summary>
+    /// Add authentication with Unauthenticated provider.
+    /// </summary>
+    /// <param name="builder">Authentication builder.</param>
+    /// <returns>The builder, to chain commands.</returns>
+    public static AuthenticationBuilder AddUnauthenticatedAuthentication(this AuthenticationBuilder builder)
+    {
+        if (builder is null)
+        {
+            throw new System.ArgumentNullException(nameof(builder));
+        }
+
+        builder.AddScheme<AuthenticationSchemeOptions, UnauthenticatedAuthenticationHandler>(
+            authenticationScheme: UnauthenticatedAuthenticationDefaults.AUTHENTICATIONSCHEME,
+            displayName: UnauthenticatedAuthenticationDefaults.AUTHENTICATIONSCHEME,
+            configureOptions: null);
+
+        return builder;
+    }
+}
diff --git a/src/Core/AuthenticationHelpers/UnauthenticatedAuthenticationHandler/UnauthenticatedAuthenticationDefaults.cs b/src/Core/AuthenticationHelpers/UnauthenticatedAuthenticationHandler/UnauthenticatedAuthenticationDefaults.cs
new file mode 100644
index 0000000000..03f8222ecd
--- /dev/null
+++ b/src/Core/AuthenticationHelpers/UnauthenticatedAuthenticationHandler/UnauthenticatedAuthenticationDefaults.cs
@@ -0,0 +1,15 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT License.
+
+namespace Azure.DataApiBuilder.Core.AuthenticationHelpers.UnauthenticatedAuthenticationHandler;
+
+/// <summary>
+/// Default values related to UnauthenticatedAuthentication handler.
+/// </summary>
+public static class UnauthenticatedAuthenticationDefaults
+{
+    /// <summary>
+    /// The default value used for UnauthenticatedAuthenticationOptions.AuthenticationScheme.
+    /// </summary>
+    public const string AUTHENTICATIONSCHEME = "UnauthenticatedAuthentication";
+}
diff --git a/src/Core/AuthenticationHelpers/UnauthenticatedAuthenticationHandler/UnauthenticatedAuthenticationHandler.cs b/src/Core/AuthenticationHelpers/UnauthenticatedAuthenticationHandler/UnauthenticatedAuthenticationHandler.cs
new file mode 100644
index 0000000000..552e44b228
--- /dev/null
+++ b/src/Core/AuthenticationHelpers/UnauthenticatedAuthenticationHandler/UnauthenticatedAuthenticationHandler.cs
@@ -0,0 +1,49 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT License.
+
+using System.Security.Claims;
+using System.Text.Encodings.Web;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Options;
+
+namespace Azure.DataApiBuilder.Core.AuthenticationHelpers.UnauthenticatedAuthenticationHandler;
+
+/// <summary>
+/// This class is used to best integrate with ASP.NET Core AuthenticationHandler base class.
+/// When "Unauthenticated" is configured, this handler authenticates the user as anonymous,
+/// without reading any HTTP authentication headers.
+/// </summary>
+public class UnauthenticatedAuthenticationHandler : AuthenticationHandler<AuthenticationSchemeOptions>
+{
+    /// <summary>
+    /// Constructor for the UnauthenticatedAuthenticationHandler.
+    /// Note the parameters are required by the base class.
+    /// </summary>
+    /// <param name="options">Authentication options.</param>
+    /// <param name="logger">Logger factory.</param>
+    /// <param name="encoder">URL encoder.</param>
+    public UnauthenticatedAuthenticationHandler(
+        IOptionsMonitor<AuthenticationSchemeOptions> options,
+        ILoggerFactory logger,
+        UrlEncoder encoder)
+        : base(options, logger, encoder)
+    {
+    }
+
+    /// <summary>
+    /// Returns an unauthenticated ClaimsPrincipal for all requests.
+    /// The ClaimsPrincipal has no identity and no claims, representing an anonymous user.
+    /// </summary>
+    /// <returns>An authentication result to ASP.NET Core library authentication mechanisms</returns>
+    protected override Task<AuthenticateResult> HandleAuthenticateAsync()
+    {
+        // ClaimsIdentity without authenticationType means the user is not authenticated (anonymous)
+        ClaimsIdentity identity = new();
+        ClaimsPrincipal claimsPrincipal = new(identity);
+
+        AuthenticationTicket ticket = new(claimsPrincipal, UnauthenticatedAuthenticationDefaults.AUTHENTICATIONSCHEME);
+        AuthenticateResult success = AuthenticateResult.Success(ticket);
+        return Task.FromResult(success);
+    }
+}
diff --git a/src/Service/Startup.cs b/src/Service/Startup.cs
index 333bf57234..e61154fc90 100644
--- a/src/Service/Startup.cs
+++ b/src/Service/Startup.cs
@@ -13,6 +13,7 @@
 using Azure.DataApiBuilder.Config.Utilities;
 using Azure.DataApiBuilder.Core.AuthenticationHelpers;
 using Azure.DataApiBuilder.Core.AuthenticationHelpers.AuthenticationSimulator;
+using Azure.DataApiBuilder.Core.AuthenticationHelpers.UnauthenticatedAuthenticationHandler;
 using Azure.DataApiBuilder.Core.Authorization;
 using Azure.DataApiBuilder.Core.Configurations;
 using Azure.DataApiBuilder.Core.Models;
@@ -772,7 +773,7 @@ private void ConfigureAuthentication(IServiceCollection services, RuntimeConfigP
             {
                 AuthenticationOptions authOptions = runtimeConfig.Runtime.Host.Authentication;
                 HostMode mode = runtimeConfig.Runtime.Host.Mode;
-                if (!authOptions.IsAuthenticationSimulatorEnabled() && !authOptions.IsEasyAuthAuthenticationProvider())
+                if (!authOptions.IsAuthenticationSimulatorEnabled() && !authOptions.IsEasyAuthAuthenticationProvider() && !authOptions.IsUnauthenticatedAuthenticationProvider())
                 {
                     services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
                     .AddJwtBearer(options =>
@@ -809,6 +810,11 @@ private void ConfigureAuthentication(IServiceCollection services, RuntimeConfigP
                     _logger.LogInformation("Registered EasyAuth scheme: {Scheme}", defaultScheme);
 
                 }
+                else if (authOptions.IsUnauthenticatedAuthenticationProvider())
+                {
+                    services.AddAuthentication(UnauthenticatedAuthenticationDefaults.AUTHENTICATIONSCHEME)
+                        .AddUnauthenticatedAuthentication();
+                }
                 else if (mode == HostMode.Development && authOptions.IsAuthenticationSimulatorEnabled())
                 {
                     services.AddAuthentication(SimulatorAuthenticationDefaults.AUTHENTICATIONSCHEME)
@@ -850,7 +856,8 @@ private static void ConfigureAuthenticationV2(IServiceCollection services, Runti
             services.AddAuthentication()
                     .AddEnvDetectedEasyAuth()
                     .AddJwtBearer()
-                    .AddSimulatorAuthentication();
+                    .AddSimulatorAuthentication()
+                    .AddUnauthenticatedAuthentication();
         }
 
         /// <summary>

From 1a2f6337c54fffcb091340956cdafce3489d30d5 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Wed, 21 Jan 2026 17:24:47 +0000
Subject: [PATCH 04/18] Fix typo in
 UnauthenticatedAuthenticationBuilderExtensions comment

Co-authored-by: JerryNixon <1749983+JerryNixon@users.noreply.github.com>
---
 global.json                                                     | 2 +-
 .../UnauthenticatedAuthenticationBuilderExtensions.cs           | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/global.json b/global.json
index 285b9d3725..1bdb496ef0 100644
--- a/global.json
+++ b/global.json
@@ -1,6 +1,6 @@
 {
   "sdk": {
-    "version": "8.0.416",
+    "version": "8.0.417",
     "rollForward": "latestFeature"
   }
 }
diff --git a/src/Core/AuthenticationHelpers/UnauthenticatedAuthenticationHandler/UnauthenticatedAuthenticationBuilderExtensions.cs b/src/Core/AuthenticationHelpers/UnauthenticatedAuthenticationHandler/UnauthenticatedAuthenticationBuilderExtensions.cs
index acb69d1755..6cf6b79e94 100644
--- a/src/Core/AuthenticationHelpers/UnauthenticatedAuthenticationHandler/UnauthenticatedAuthenticationBuilderExtensions.cs
+++ b/src/Core/AuthenticationHelpers/UnauthenticatedAuthenticationHandler/UnauthenticatedAuthenticationBuilderExtensions.cs
@@ -8,7 +8,7 @@ namespace Azure.DataApiBuilder.Core.AuthenticationHelpers.UnauthenticatedAuthent
 /// <summary>
 /// Extension methods related to Unauthenticated authentication.
 /// This class allows setting up Unauthenticated authentication in the startup class with
-/// a single call to .AddAuthentiction(scheme).AddUnauthenticatedAuthentication()
+/// a single call to .AddAuthentication(scheme).AddUnauthenticatedAuthentication()
 /// </summary>
 public static class UnauthenticatedAuthenticationBuilderExtensions
 {

From b6d0fd504a6ac1505eefcbc3efc8becd16730f85 Mon Sep 17 00:00:00 2001
From: Jerry Nixon <1749983+JerryNixon@users.noreply.github.com>
Date: Thu, 22 Jan 2026 09:39:03 -0700
Subject: [PATCH 05/18] Update src/Cli/Utils.cs

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
---
 src/Cli/Utils.cs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/Cli/Utils.cs b/src/Cli/Utils.cs
index 28d61e18b8..c1ff7f2a99 100644
--- a/src/Cli/Utils.cs
+++ b/src/Cli/Utils.cs
@@ -516,7 +516,7 @@ public static bool ValidateAudienceAndIssuerForJwtProvider(
             string? issuer)
         {
             if (Enum.TryParse<EasyAuthType>(authenticationProvider, ignoreCase: true, out _)
-                || AuthenticationOptions.SIMULATOR_AUTHENTICATION == authenticationProvider
+                || AuthenticationOptions.SIMULATOR_AUTHENTICATION.Equals(authenticationProvider, StringComparison.OrdinalIgnoreCase)
                 || AuthenticationOptions.UNAUTHENTICATED_AUTHENTICATION.Equals(authenticationProvider, StringComparison.OrdinalIgnoreCase))
             {
                 if (!(string.IsNullOrWhiteSpace(audience)) || !(string.IsNullOrWhiteSpace(issuer)))

From e3fb034c39a2a8a11ba6fadf00ef36eeec504ba0 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Thu, 22 Jan 2026 16:44:08 +0000
Subject: [PATCH 06/18] Address PR review comments: add Unauthenticated scheme
 mapping, use explicit Where() filtering, add unit tests

Co-authored-by: JerryNixon <1749983+JerryNixon@users.noreply.github.com>
---
 src/Cli.Tests/ValidateConfigTests.cs          | 22 +++++++++++++++++++
 src/Cli/ConfigGenerator.cs                    | 20 ++++++-----------
 ...lientRoleHeaderAuthenticationMiddleware.cs |  5 +++++
 3 files changed, 34 insertions(+), 13 deletions(-)

diff --git a/src/Cli.Tests/ValidateConfigTests.cs b/src/Cli.Tests/ValidateConfigTests.cs
index a92ac07c2b..03cac6de82 100644
--- a/src/Cli.Tests/ValidateConfigTests.cs
+++ b/src/Cli.Tests/ValidateConfigTests.cs
@@ -392,4 +392,26 @@ public void TestUnauthenticatedProviderDoesNotRequireJwt()
         AuthenticationOptions unauthenticatedOptions = new(Provider: "Unauthenticated");
         Assert.IsFalse(unauthenticatedOptions.IsJwtConfiguredIdentityProvider());
     }
+
+    /// <summary>
+    /// Test that entities with non-anonymous roles are correctly identified when
+    /// Unauthenticated provider is configured. This validates the core detection logic
+    /// used by IsConfigValid to emit warnings.
+    /// </summary>
+    [DataTestMethod]
+    [DataRow("authenticated", true, DisplayName = "Authenticated role should be flagged as non-anonymous")]
+    [DataRow("customRole", true, DisplayName = "Custom role should be flagged as non-anonymous")]
+    [DataRow("anonymous", false, DisplayName = "Anonymous role should not be flagged")]
+    [DataRow("Anonymous", false, DisplayName = "Anonymous role (case-insensitive) should not be flagged")]
+    public void TestUnauthenticatedProviderNonAnonymousRoleDetection(string role, bool shouldWarn)
+    {
+        // Arrange: Create an entity permission with the specified role
+        EntityPermission permission = new(Role: role, Actions: new EntityAction[] { new(Action: EntityActionOperation.Read, Fields: null, Policy: null) });
+
+        // Act: Check if the role is non-anonymous (the logic used in IsConfigValid)
+        bool isNonAnonymous = !permission.Role.Equals("anonymous", StringComparison.OrdinalIgnoreCase);
+
+        // Assert: Verify the detection logic works correctly
+        Assert.AreEqual(shouldWarn, isNonAnonymous, $"Role '{role}' detection mismatch");
+    }
 }
diff --git a/src/Cli/ConfigGenerator.cs b/src/Cli/ConfigGenerator.cs
index e0e36a1851..ec9b0cd3d3 100644
--- a/src/Cli/ConfigGenerator.cs
+++ b/src/Cli/ConfigGenerator.cs
@@ -2448,21 +2448,15 @@ public static bool IsConfigValid(ValidateOptions options, FileSystemRuntimeConfi
                     // Warn if Unauthenticated provider is used with authenticated or custom roles
                     if (config.Runtime?.Host?.Authentication?.IsUnauthenticatedAuthenticationProvider() == true)
                     {
-                        foreach (KeyValuePair<string, Entity> entity in config.Entities)
+                        foreach (KeyValuePair<string, Entity> entity in config.Entities.Where(e => e.Value.Permissions is not null))
                         {
-                            if (entity.Value.Permissions is not null)
+                            foreach (EntityPermission permission in entity.Value.Permissions!.Where(p => !p.Role.Equals("anonymous", StringComparison.OrdinalIgnoreCase)))
                             {
-                                foreach (EntityPermission permission in entity.Value.Permissions)
-                                {
-                                    if (!permission.Role.Equals("anonymous", StringComparison.OrdinalIgnoreCase))
-                                    {
-                                        _logger.LogWarning(
-                                            "Entity '{EntityName}' has permission configured for role '{Role}' but authentication provider is 'Unauthenticated'. " +
-                                            "All requests will be treated as anonymous.",
-                                            entity.Key,
-                                            permission.Role);
-                                    }
-                                }
+                                _logger.LogWarning(
+                                    "Entity '{EntityName}' has permission configured for role '{Role}' but authentication provider is 'Unauthenticated'. " +
+                                    "All requests will be treated as anonymous.",
+                                    entity.Key,
+                                    permission.Role);
                             }
                         }
                     }
diff --git a/src/Core/AuthenticationHelpers/ClientRoleHeaderAuthenticationMiddleware.cs b/src/Core/AuthenticationHelpers/ClientRoleHeaderAuthenticationMiddleware.cs
index c83de9ed3a..513e81a137 100644
--- a/src/Core/AuthenticationHelpers/ClientRoleHeaderAuthenticationMiddleware.cs
+++ b/src/Core/AuthenticationHelpers/ClientRoleHeaderAuthenticationMiddleware.cs
@@ -4,6 +4,7 @@
 using System.Security.Claims;
 using Azure.DataApiBuilder.Config.ObjectModel;
 using Azure.DataApiBuilder.Core.AuthenticationHelpers.AuthenticationSimulator;
+using Azure.DataApiBuilder.Core.AuthenticationHelpers.UnauthenticatedAuthenticationHandler;
 using Azure.DataApiBuilder.Core.Authorization;
 using Azure.DataApiBuilder.Core.Configurations;
 using Azure.DataApiBuilder.Core.Models;
@@ -192,6 +193,10 @@ private static string ResolveConfiguredAuthNScheme(string? configuredProviderNam
         {
             return SimulatorAuthenticationDefaults.AUTHENTICATIONSCHEME;
         }
+        else if (string.Equals(configuredProviderName, SupportedAuthNProviders.UNAUTHENTICATED, StringComparison.OrdinalIgnoreCase))
+        {
+            return UnauthenticatedAuthenticationDefaults.AUTHENTICATIONSCHEME;
+        }
         else if (string.Equals(configuredProviderName, SupportedAuthNProviders.AZURE_AD, StringComparison.OrdinalIgnoreCase) ||
             string.Equals(configuredProviderName, SupportedAuthNProviders.ENTRA_ID, StringComparison.OrdinalIgnoreCase))
         {

From f0b25d0d8d9d4ac36a3fb42e92c5efc6ab358b8d Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Wed, 28 Jan 2026 00:26:43 +0000
Subject: [PATCH 07/18] Address PR review comments: rename folder, update docs,
 simplify warning, add tests

Co-authored-by: RubenCerna2079 <32799214+RubenCerna2079@users.noreply.github.com>
---
 src/Cli.Tests/ConfigureOptionsTests.cs        |  1 +
 src/Cli.Tests/EndToEndTests.cs                |  5 +-
 src/Cli.Tests/UtilsTests.cs                   |  4 ++
 src/Cli.Tests/ValidateConfigTests.cs          | 54 -------------------
 src/Cli/ConfigGenerator.cs                    | 18 +++----
 .../ObjectModel/AuthenticationOptions.cs      |  4 +-
 ...lientRoleHeaderAuthenticationMiddleware.cs |  2 +-
 ...nticatedAuthenticationBuilderExtensions.cs |  2 +-
 .../UnauthenticatedAuthenticationDefaults.cs  |  2 +-
 .../UnauthenticatedAuthenticationHandler.cs   |  3 +-
 .../AuthenticationConfigValidatorUnitTests.cs | 19 +++++++
 src/Service/Startup.cs                        |  2 +-
 12 files changed, 45 insertions(+), 71 deletions(-)
 rename src/Core/AuthenticationHelpers/{UnauthenticatedAuthenticationHandler => UnauthenticatedAuthentication}/UnauthenticatedAuthenticationBuilderExtensions.cs (97%)
 rename src/Core/AuthenticationHelpers/{UnauthenticatedAuthenticationHandler => UnauthenticatedAuthentication}/UnauthenticatedAuthenticationDefaults.cs (94%)
 rename src/Core/AuthenticationHelpers/{UnauthenticatedAuthenticationHandler => UnauthenticatedAuthentication}/UnauthenticatedAuthenticationHandler.cs (93%)

diff --git a/src/Cli.Tests/ConfigureOptionsTests.cs b/src/Cli.Tests/ConfigureOptionsTests.cs
index 073f349a67..557c8ecbdb 100644
--- a/src/Cli.Tests/ConfigureOptionsTests.cs
+++ b/src/Cli.Tests/ConfigureOptionsTests.cs
@@ -635,6 +635,7 @@ public void TestUpdateCorsAllowCredentialsHostSettings(bool allowCredentialsValu
         [DataRow("Appservice", DisplayName = "Update authentication.provider to AppService for Host.")]
         [DataRow("azuread", DisplayName = "Update authentication.provider to AzureAD for Host.")]
         [DataRow("entraid", DisplayName = "Update authentication.provider to EntraID for Host.")]
+        [DataRow("Unauthenticated", DisplayName = "Update authentication.provider to Unauthenticated for Host.")]
         public void TestUpdateAuthenticationProviderHostSettings(string authenticationProviderValue)
         {
             // Arrange -> all the setup which includes creating options.
diff --git a/src/Cli.Tests/EndToEndTests.cs b/src/Cli.Tests/EndToEndTests.cs
index 99a9b77b6e..685b479312 100644
--- a/src/Cli.Tests/EndToEndTests.cs
+++ b/src/Cli.Tests/EndToEndTests.cs
@@ -1121,12 +1121,15 @@ public async Task TestExitOfRuntimeEngineWithInvalidConfig(
     [DataRow("AppService", true)]
     [DataRow("AzureAD", true)]
     [DataRow("EntraID", true)]
+    [DataRow("Unauthenticated", true)]
     public void TestBaseRouteIsConfigurableForSWA(string authProvider, bool isExceptionExpected)
     {
         string[] initArgs = { "init", "-c", TEST_RUNTIME_CONFIG_FILE, "--host-mode", "development", "--database-type", "mssql",
             "--connection-string", SAMPLE_TEST_CONN_STRING, "--auth.provider", authProvider, "--runtime.base-route", "base-route" };
 
-        if (!Enum.TryParse(authProvider, ignoreCase: true, out EasyAuthType _))
+        if (!Enum.TryParse(authProvider, ignoreCase: true, out EasyAuthType _) &&
+            !authProvider.Equals("Unauthenticated", StringComparison.OrdinalIgnoreCase) &&
+            !authProvider.Equals("Simulator", StringComparison.OrdinalIgnoreCase))
         {
             string[] audIssuers = { "--auth.audience", "aud-xxx", "--auth.issuer", "issuer-xxx" };
             initArgs = initArgs.Concat(audIssuers).ToArray();
diff --git a/src/Cli.Tests/UtilsTests.cs b/src/Cli.Tests/UtilsTests.cs
index b02649339d..3b7a108867 100644
--- a/src/Cli.Tests/UtilsTests.cs
+++ b/src/Cli.Tests/UtilsTests.cs
@@ -203,6 +203,10 @@ public void TestApiPathIsWellFormed(string apiPath, bool expectSuccess)
     [DataRow("Simulator", null, "issuer-xxx", true, DisplayName = "PASS: Issuer ignored with Simulator.")]
     [DataRow("Simulator", "aud-xxx", null, true, DisplayName = "PASS: Audience ignored with Simulator.")]
     [DataRow("Simulator", null, null, true, DisplayName = "PASS: Simulator correctly configured with neither audience nor issuer.")]
+    [DataRow("Unauthenticated", "aud-xxx", "issuer-xxx", true, DisplayName = "PASS: Audience and Issuer ignored with Unauthenticated.")]
+    [DataRow("Unauthenticated", null, "issuer-xxx", true, DisplayName = "PASS: Issuer ignored with Unauthenticated.")]
+    [DataRow("Unauthenticated", "aud-xxx", null, true, DisplayName = "PASS: Audience ignored with Unauthenticated.")]
+    [DataRow("Unauthenticated", null, null, true, DisplayName = "PASS: Unauthenticated correctly configured with neither audience nor issuer.")]
     [DataRow("AzureAD", "aud-xxx", "issuer-xxx", true, DisplayName = "PASS: AzureAD correctly configured with both audience and issuer.")]
     [DataRow("AzureAD", null, "issuer-xxx", false, DisplayName = "FAIL: AzureAD incorrectly configured with no audience specified.")]
     [DataRow("AzureAD", "aud-xxx", null, false, DisplayName = "FAIL: AzureAD incorrectly configured with no issuer specified.")]
diff --git a/src/Cli.Tests/ValidateConfigTests.cs b/src/Cli.Tests/ValidateConfigTests.cs
index 03cac6de82..22364712e7 100644
--- a/src/Cli.Tests/ValidateConfigTests.cs
+++ b/src/Cli.Tests/ValidateConfigTests.cs
@@ -360,58 +360,4 @@ private async Task ValidatePropertyOptionsFails(ConfigureOptions options)
         JsonSchemaValidationResult result = await validator.ValidateConfigSchema(config, TEST_RUNTIME_CONFIG_FILE, mockLoggerFactory.Object);
         Assert.IsFalse(result.IsValid);
     }
-
-    /// <summary>
-    /// Test that the Unauthenticated provider is correctly identified by the IsUnauthenticatedAuthenticationProvider method.
-    /// </summary>
-    [TestMethod]
-    public void TestIsUnauthenticatedAuthenticationProviderMethod()
-    {
-        // Test with Unauthenticated provider
-        AuthenticationOptions unauthenticatedOptions = new(Provider: "Unauthenticated");
-        Assert.IsTrue(unauthenticatedOptions.IsUnauthenticatedAuthenticationProvider());
-
-        // Test case-insensitivity
-        AuthenticationOptions unauthenticatedOptionsLower = new(Provider: "unauthenticated");
-        Assert.IsTrue(unauthenticatedOptionsLower.IsUnauthenticatedAuthenticationProvider());
-
-        // Test that other providers are not identified as Unauthenticated
-        AuthenticationOptions appServiceOptions = new(Provider: "AppService");
-        Assert.IsFalse(appServiceOptions.IsUnauthenticatedAuthenticationProvider());
-
-        AuthenticationOptions simulatorOptions = new(Provider: "Simulator");
-        Assert.IsFalse(simulatorOptions.IsUnauthenticatedAuthenticationProvider());
-    }
-
-    /// <summary>
-    /// Test that Unauthenticated provider does not require JWT configuration.
-    /// </summary>
-    [TestMethod]
-    public void TestUnauthenticatedProviderDoesNotRequireJwt()
-    {
-        AuthenticationOptions unauthenticatedOptions = new(Provider: "Unauthenticated");
-        Assert.IsFalse(unauthenticatedOptions.IsJwtConfiguredIdentityProvider());
-    }
-
-    /// <summary>
-    /// Test that entities with non-anonymous roles are correctly identified when
-    /// Unauthenticated provider is configured. This validates the core detection logic
-    /// used by IsConfigValid to emit warnings.
-    /// </summary>
-    [DataTestMethod]
-    [DataRow("authenticated", true, DisplayName = "Authenticated role should be flagged as non-anonymous")]
-    [DataRow("customRole", true, DisplayName = "Custom role should be flagged as non-anonymous")]
-    [DataRow("anonymous", false, DisplayName = "Anonymous role should not be flagged")]
-    [DataRow("Anonymous", false, DisplayName = "Anonymous role (case-insensitive) should not be flagged")]
-    public void TestUnauthenticatedProviderNonAnonymousRoleDetection(string role, bool shouldWarn)
-    {
-        // Arrange: Create an entity permission with the specified role
-        EntityPermission permission = new(Role: role, Actions: new EntityAction[] { new(Action: EntityActionOperation.Read, Fields: null, Policy: null) });
-
-        // Act: Check if the role is non-anonymous (the logic used in IsConfigValid)
-        bool isNonAnonymous = !permission.Role.Equals("anonymous", StringComparison.OrdinalIgnoreCase);
-
-        // Assert: Verify the detection logic works correctly
-        Assert.AreEqual(shouldWarn, isNonAnonymous, $"Role '{role}' detection mismatch");
-    }
 }
diff --git a/src/Cli/ConfigGenerator.cs b/src/Cli/ConfigGenerator.cs
index ec9b0cd3d3..c501a6c790 100644
--- a/src/Cli/ConfigGenerator.cs
+++ b/src/Cli/ConfigGenerator.cs
@@ -2448,16 +2448,16 @@ public static bool IsConfigValid(ValidateOptions options, FileSystemRuntimeConfi
                     // Warn if Unauthenticated provider is used with authenticated or custom roles
                     if (config.Runtime?.Host?.Authentication?.IsUnauthenticatedAuthenticationProvider() == true)
                     {
-                        foreach (KeyValuePair<string, Entity> entity in config.Entities.Where(e => e.Value.Permissions is not null))
+                        bool hasNonAnonymousRoles = config.Entities
+                            .Where(e => e.Value.Permissions is not null)
+                            .SelectMany(e => e.Value.Permissions!)
+                            .Any(p => !p.Role.Equals("anonymous", StringComparison.OrdinalIgnoreCase));
+
+                        if (hasNonAnonymousRoles)
                         {
-                            foreach (EntityPermission permission in entity.Value.Permissions!.Where(p => !p.Role.Equals("anonymous", StringComparison.OrdinalIgnoreCase)))
-                            {
-                                _logger.LogWarning(
-                                    "Entity '{EntityName}' has permission configured for role '{Role}' but authentication provider is 'Unauthenticated'. " +
-                                    "All requests will be treated as anonymous.",
-                                    entity.Key,
-                                    permission.Role);
-                            }
+                            _logger.LogWarning(
+                                "Authentication provider is 'Unauthenticated' but some entities have permissions configured for non-anonymous roles. " +
+                                "All requests will be treated as anonymous.");
                         }
                     }
                 }
diff --git a/src/Config/ObjectModel/AuthenticationOptions.cs b/src/Config/ObjectModel/AuthenticationOptions.cs
index 036f55876f..b12534412a 100644
--- a/src/Config/ObjectModel/AuthenticationOptions.cs
+++ b/src/Config/ObjectModel/AuthenticationOptions.cs
@@ -35,9 +35,9 @@ public record AuthenticationOptions(string Provider = nameof(EasyAuthType.AppSer
     public const string UNAUTHENTICATED_AUTHENTICATION = "Unauthenticated";
 
     /// <summary>
-    /// Returns whether the configured Provider value matches the unauthenticated authentication type.
+    /// Returns whether the configured Provider value matches the Unauthenticated authentication type.
     /// </summary>
-    /// <returns>True when all operations run as anonymous.</returns>
+    /// <returns>True if Provider is Unauthenticated type.</returns>
     public bool IsUnauthenticatedAuthenticationProvider() => Provider.Equals(UNAUTHENTICATED_AUTHENTICATION, StringComparison.OrdinalIgnoreCase);
 
     /// <summary>
diff --git a/src/Core/AuthenticationHelpers/ClientRoleHeaderAuthenticationMiddleware.cs b/src/Core/AuthenticationHelpers/ClientRoleHeaderAuthenticationMiddleware.cs
index 513e81a137..fa7fdc9a25 100644
--- a/src/Core/AuthenticationHelpers/ClientRoleHeaderAuthenticationMiddleware.cs
+++ b/src/Core/AuthenticationHelpers/ClientRoleHeaderAuthenticationMiddleware.cs
@@ -4,7 +4,7 @@
 using System.Security.Claims;
 using Azure.DataApiBuilder.Config.ObjectModel;
 using Azure.DataApiBuilder.Core.AuthenticationHelpers.AuthenticationSimulator;
-using Azure.DataApiBuilder.Core.AuthenticationHelpers.UnauthenticatedAuthenticationHandler;
+using Azure.DataApiBuilder.Core.AuthenticationHelpers.UnauthenticatedAuthentication;
 using Azure.DataApiBuilder.Core.Authorization;
 using Azure.DataApiBuilder.Core.Configurations;
 using Azure.DataApiBuilder.Core.Models;
diff --git a/src/Core/AuthenticationHelpers/UnauthenticatedAuthenticationHandler/UnauthenticatedAuthenticationBuilderExtensions.cs b/src/Core/AuthenticationHelpers/UnauthenticatedAuthentication/UnauthenticatedAuthenticationBuilderExtensions.cs
similarity index 97%
rename from src/Core/AuthenticationHelpers/UnauthenticatedAuthenticationHandler/UnauthenticatedAuthenticationBuilderExtensions.cs
rename to src/Core/AuthenticationHelpers/UnauthenticatedAuthentication/UnauthenticatedAuthenticationBuilderExtensions.cs
index 6cf6b79e94..aa15d04933 100644
--- a/src/Core/AuthenticationHelpers/UnauthenticatedAuthenticationHandler/UnauthenticatedAuthenticationBuilderExtensions.cs
+++ b/src/Core/AuthenticationHelpers/UnauthenticatedAuthentication/UnauthenticatedAuthenticationBuilderExtensions.cs
@@ -3,7 +3,7 @@
 
 using Microsoft.AspNetCore.Authentication;
 
-namespace Azure.DataApiBuilder.Core.AuthenticationHelpers.UnauthenticatedAuthenticationHandler;
+namespace Azure.DataApiBuilder.Core.AuthenticationHelpers.UnauthenticatedAuthentication;
 
 /// <summary>
 /// Extension methods related to Unauthenticated authentication.
diff --git a/src/Core/AuthenticationHelpers/UnauthenticatedAuthenticationHandler/UnauthenticatedAuthenticationDefaults.cs b/src/Core/AuthenticationHelpers/UnauthenticatedAuthentication/UnauthenticatedAuthenticationDefaults.cs
similarity index 94%
rename from src/Core/AuthenticationHelpers/UnauthenticatedAuthenticationHandler/UnauthenticatedAuthenticationDefaults.cs
rename to src/Core/AuthenticationHelpers/UnauthenticatedAuthentication/UnauthenticatedAuthenticationDefaults.cs
index 03f8222ecd..ff7f0f2a73 100644
--- a/src/Core/AuthenticationHelpers/UnauthenticatedAuthenticationHandler/UnauthenticatedAuthenticationDefaults.cs
+++ b/src/Core/AuthenticationHelpers/UnauthenticatedAuthentication/UnauthenticatedAuthenticationDefaults.cs
@@ -1,7 +1,7 @@
 // Copyright (c) Microsoft Corporation.
 // Licensed under the MIT License.
 
-namespace Azure.DataApiBuilder.Core.AuthenticationHelpers.UnauthenticatedAuthenticationHandler;
+namespace Azure.DataApiBuilder.Core.AuthenticationHelpers.UnauthenticatedAuthentication;
 
 /// <summary>
 /// Default values related to UnauthenticatedAuthentication handler.
diff --git a/src/Core/AuthenticationHelpers/UnauthenticatedAuthenticationHandler/UnauthenticatedAuthenticationHandler.cs b/src/Core/AuthenticationHelpers/UnauthenticatedAuthentication/UnauthenticatedAuthenticationHandler.cs
similarity index 93%
rename from src/Core/AuthenticationHelpers/UnauthenticatedAuthenticationHandler/UnauthenticatedAuthenticationHandler.cs
rename to src/Core/AuthenticationHelpers/UnauthenticatedAuthentication/UnauthenticatedAuthenticationHandler.cs
index 552e44b228..c2f0a949fb 100644
--- a/src/Core/AuthenticationHelpers/UnauthenticatedAuthenticationHandler/UnauthenticatedAuthenticationHandler.cs
+++ b/src/Core/AuthenticationHelpers/UnauthenticatedAuthentication/UnauthenticatedAuthenticationHandler.cs
@@ -7,10 +7,11 @@
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
 
-namespace Azure.DataApiBuilder.Core.AuthenticationHelpers.UnauthenticatedAuthenticationHandler;
+namespace Azure.DataApiBuilder.Core.AuthenticationHelpers.UnauthenticatedAuthentication;
 
 /// <summary>
 /// This class is used to best integrate with ASP.NET Core AuthenticationHandler base class.
+///     Ref: https://github.com/dotnet/aspnetcore/blob/main/src/Security/Authentication/Core/src/AuthenticationHandler.cs
 /// When "Unauthenticated" is configured, this handler authenticates the user as anonymous,
 /// without reading any HTTP authentication headers.
 /// </summary>
diff --git a/src/Service.Tests/Configuration/AuthenticationConfigValidatorUnitTests.cs b/src/Service.Tests/Configuration/AuthenticationConfigValidatorUnitTests.cs
index 846a34ebee..9a2a9e57dd 100644
--- a/src/Service.Tests/Configuration/AuthenticationConfigValidatorUnitTests.cs
+++ b/src/Service.Tests/Configuration/AuthenticationConfigValidatorUnitTests.cs
@@ -183,6 +183,25 @@ public void ValidateFailureWithUnneededEasyAuthConfig()
             });
         }
 
+        [TestMethod("Unauthenticated provider is correctly identified by IsUnauthenticatedAuthenticationProvider method")]
+        public void ValidateUnauthenticatedProviderIdentification()
+        {
+            // Test with Unauthenticated provider
+            AuthenticationOptions unauthenticatedOptions = new(Provider: "Unauthenticated");
+            Assert.IsTrue(unauthenticatedOptions.IsUnauthenticatedAuthenticationProvider());
+
+            // Test case-insensitivity
+            AuthenticationOptions unauthenticatedOptionsLower = new(Provider: "unauthenticated");
+            Assert.IsTrue(unauthenticatedOptionsLower.IsUnauthenticatedAuthenticationProvider());
+
+            // Test that other providers are not identified as Unauthenticated
+            AuthenticationOptions appServiceOptions = new(Provider: "AppService");
+            Assert.IsFalse(appServiceOptions.IsUnauthenticatedAuthenticationProvider());
+
+            AuthenticationOptions simulatorOptions = new(Provider: "Simulator");
+            Assert.IsFalse(simulatorOptions.IsUnauthenticatedAuthenticationProvider());
+        }
+
         private static RuntimeConfig CreateRuntimeConfigWithOptionalAuthN(AuthenticationOptions authNConfig = null)
         {
             DataSource dataSource = new(DatabaseType.MSSQL, DEFAULT_CONNECTION_STRING, new());
diff --git a/src/Service/Startup.cs b/src/Service/Startup.cs
index e61154fc90..e952748e63 100644
--- a/src/Service/Startup.cs
+++ b/src/Service/Startup.cs
@@ -13,7 +13,7 @@
 using Azure.DataApiBuilder.Config.Utilities;
 using Azure.DataApiBuilder.Core.AuthenticationHelpers;
 using Azure.DataApiBuilder.Core.AuthenticationHelpers.AuthenticationSimulator;
-using Azure.DataApiBuilder.Core.AuthenticationHelpers.UnauthenticatedAuthenticationHandler;
+using Azure.DataApiBuilder.Core.AuthenticationHelpers.UnauthenticatedAuthentication;
 using Azure.DataApiBuilder.Core.Authorization;
 using Azure.DataApiBuilder.Core.Configurations;
 using Azure.DataApiBuilder.Core.Models;

From 17844cead42ca205efcd292f1609a6739306dafb Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Fri, 13 Feb 2026 07:03:40 +0000
Subject: [PATCH 08/18] Change default authentication provider from AppService
 to Unauthenticated

Co-authored-by: JerryNixon <1749983+JerryNixon@users.noreply.github.com>
---
 src/Cli/Commands/ConfigureOptions.cs            | 2 +-
 src/Cli/Commands/InitOptions.cs                 | 2 +-
 src/Cli/ConfigGenerator.cs                      | 4 ++--
 src/Config/ObjectModel/AuthenticationOptions.cs | 8 ++++----
 4 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/src/Cli/Commands/ConfigureOptions.cs b/src/Cli/Commands/ConfigureOptions.cs
index 14234d24d7..d0534ac106 100644
--- a/src/Cli/Commands/ConfigureOptions.cs
+++ b/src/Cli/Commands/ConfigureOptions.cs
@@ -232,7 +232,7 @@ public ConfigureOptions(
         [Option("runtime.host.cors.allow-credentials", Required = false, HelpText = "Set value for Access-Control-Allow-Credentials header in Host.Cors. Default: false (boolean).")]
         public bool? RuntimeHostCorsAllowCredentials { get; }
 
-        [Option("runtime.host.authentication.provider", Required = false, HelpText = "Configure the name of authentication provider. Default: AppService.")]
+        [Option("runtime.host.authentication.provider", Required = false, HelpText = "Configure the name of authentication provider. Default: Unauthenticated.")]
         public string? RuntimeHostAuthenticationProvider { get; }
 
         [Option("runtime.host.authentication.jwt.audience", Required = false, HelpText = "Configure the intended recipient(s) of the Jwt Token.")]
diff --git a/src/Cli/Commands/InitOptions.cs b/src/Cli/Commands/InitOptions.cs
index e01ad1b774..93fc4e3f0b 100644
--- a/src/Cli/Commands/InitOptions.cs
+++ b/src/Cli/Commands/InitOptions.cs
@@ -94,7 +94,7 @@ public InitOptions(
         [Option("cors-origin", Separator = ',', Required = false, HelpText = "Specify the list of allowed origins.")]
         public IEnumerable<string>? CorsOrigin { get; }
 
-        [Option("auth.provider", Default = "AppService", Required = false, HelpText = "Specify the Identity Provider.")]
+        [Option("auth.provider", Default = "Unauthenticated", Required = false, HelpText = "Specify the Identity Provider.")]
         public string AuthenticationProvider { get; }
 
         [Option("auth.audience", Required = false, HelpText = "Identifies the recipients that the JWT is intended for.")]
diff --git a/src/Cli/ConfigGenerator.cs b/src/Cli/ConfigGenerator.cs
index ddf365526a..6f8cf72e0d 100644
--- a/src/Cli/ConfigGenerator.cs
+++ b/src/Cli/ConfigGenerator.cs
@@ -1365,8 +1365,8 @@ private static bool TryUpdateConfiguredHostValues(
                 string? updatedProviderValue = options?.RuntimeHostAuthenticationProvider;
                 if (updatedProviderValue != null)
                 {
-                    // Default to AppService when provider string is not provided
-                    updatedValue = updatedProviderValue?.ToString() ?? nameof(EasyAuthType.AppService);
+                    // Default to Unauthenticated when provider string is not provided
+                    updatedValue = updatedProviderValue?.ToString() ?? AuthenticationOptions.UNAUTHENTICATED_AUTHENTICATION;
                     AuthenticationOptions AuthOptions;
                     if (updatedHostOptions?.Authentication == null)
                     {
diff --git a/src/Config/ObjectModel/AuthenticationOptions.cs b/src/Config/ObjectModel/AuthenticationOptions.cs
index b12534412a..b0fc219750 100644
--- a/src/Config/ObjectModel/AuthenticationOptions.cs
+++ b/src/Config/ObjectModel/AuthenticationOptions.cs
@@ -6,12 +6,12 @@ namespace Azure.DataApiBuilder.Config.ObjectModel;
 /// <summary>
 /// Authentication configuration.
 /// </summary>
-/// <param name="Provider">Identity Provider. Default is AppService.
-/// With EasyAuth and Simulator, no Audience or Issuer are expected.
+/// <param name="Provider">Identity Provider. Default is Unauthenticated.
+/// With EasyAuth, Simulator, and Unauthenticated, no Audience or Issuer are expected.
 /// </param>
 /// <param name="Jwt">Settings enabling validation of the received JWT token.
-/// Required only when Provider is other than EasyAuth.</param>
-public record AuthenticationOptions(string Provider = nameof(EasyAuthType.AppService), JwtOptions? Jwt = null)
+/// Required only when Provider is other than EasyAuth, Simulator, or Unauthenticated.</param>
+public record AuthenticationOptions(string Provider = "Unauthenticated", JwtOptions? Jwt = null)
 {
     public const string SIMULATOR_AUTHENTICATION = "Simulator";
     public const string CLIENT_PRINCIPAL_HEADER = "X-MS-CLIENT-PRINCIPAL";

From 8b364ca7a5fed15993886e35e4d0a7ee8ce93767 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Sat, 21 Feb 2026 04:27:05 +0000
Subject: [PATCH 09/18] Remove unused using directive from
 ValidateConfigTests.cs

Co-authored-by: Aniruddh25 <3513779+Aniruddh25@users.noreply.github.com>
---
 src/Cli.Tests/ValidateConfigTests.cs | 1 -
 1 file changed, 1 deletion(-)

diff --git a/src/Cli.Tests/ValidateConfigTests.cs b/src/Cli.Tests/ValidateConfigTests.cs
index 22364712e7..e40a32e291 100644
--- a/src/Cli.Tests/ValidateConfigTests.cs
+++ b/src/Cli.Tests/ValidateConfigTests.cs
@@ -1,7 +1,6 @@
 // Copyright (c) Microsoft Corporation.
 // Licensed under the MIT License.
 
-using Azure.DataApiBuilder.Config.ObjectModel;
 using Azure.DataApiBuilder.Core.Configurations;
 using Azure.DataApiBuilder.Core.Models;
 using Serilog;

From 0d0b3f84dd004e90c391b797e38fd1a6dd69a0e0 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Sat, 21 Feb 2026 04:38:46 +0000
Subject: [PATCH 10/18] Use IsJwtConfiguredIdentityProvider() in Startup.cs for
 cleaner code

Co-authored-by: Aniruddh25 <3513779+Aniruddh25@users.noreply.github.com>
---
 src/Service/Startup.cs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/Service/Startup.cs b/src/Service/Startup.cs
index 37b34d5c23..667646a237 100644
--- a/src/Service/Startup.cs
+++ b/src/Service/Startup.cs
@@ -867,7 +867,7 @@ private void ConfigureAuthentication(IServiceCollection services, RuntimeConfigP
             {
                 AuthenticationOptions authOptions = runtimeConfig.Runtime.Host.Authentication;
                 HostMode mode = runtimeConfig.Runtime.Host.Mode;
-                if (!authOptions.IsAuthenticationSimulatorEnabled() && !authOptions.IsEasyAuthAuthenticationProvider() && !authOptions.IsUnauthenticatedAuthenticationProvider())
+                if (authOptions.IsJwtConfiguredIdentityProvider())
                 {
                     services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
                     .AddJwtBearer(options =>

From a62d2fa9354b416fea83d72e8578386ad4ba42b8 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Thu, 5 Mar 2026 03:06:53 +0000
Subject: [PATCH 11/18] Fix: Revert AuthenticationOptions record default to
 AppService for backward compatibility

Co-authored-by: Aniruddh25 <3513779+Aniruddh25@users.noreply.github.com>
---
 src/Cli/ConfigGenerator.cs                      | 3 +--
 src/Config/ObjectModel/AuthenticationOptions.cs | 4 ++--
 2 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/src/Cli/ConfigGenerator.cs b/src/Cli/ConfigGenerator.cs
index d9a48061da..085aa21c46 100644
--- a/src/Cli/ConfigGenerator.cs
+++ b/src/Cli/ConfigGenerator.cs
@@ -1399,8 +1399,7 @@ private static bool TryUpdateConfiguredHostValues(
                 string? updatedProviderValue = options?.RuntimeHostAuthenticationProvider;
                 if (updatedProviderValue != null)
                 {
-                    // Default to Unauthenticated when provider string is not provided
-                    updatedValue = updatedProviderValue?.ToString() ?? AuthenticationOptions.UNAUTHENTICATED_AUTHENTICATION;
+                    updatedValue = updatedProviderValue;
                     AuthenticationOptions AuthOptions;
                     if (updatedHostOptions?.Authentication == null)
                     {
diff --git a/src/Config/ObjectModel/AuthenticationOptions.cs b/src/Config/ObjectModel/AuthenticationOptions.cs
index b0fc219750..a71c649017 100644
--- a/src/Config/ObjectModel/AuthenticationOptions.cs
+++ b/src/Config/ObjectModel/AuthenticationOptions.cs
@@ -6,12 +6,12 @@ namespace Azure.DataApiBuilder.Config.ObjectModel;
 /// <summary>
 /// Authentication configuration.
 /// </summary>
-/// <param name="Provider">Identity Provider. Default is Unauthenticated.
+/// <param name="Provider">Identity Provider. Default is AppService.
 /// With EasyAuth, Simulator, and Unauthenticated, no Audience or Issuer are expected.
 /// </param>
 /// <param name="Jwt">Settings enabling validation of the received JWT token.
 /// Required only when Provider is other than EasyAuth, Simulator, or Unauthenticated.</param>
-public record AuthenticationOptions(string Provider = "Unauthenticated", JwtOptions? Jwt = null)
+public record AuthenticationOptions(string Provider = nameof(EasyAuthType.AppService), JwtOptions? Jwt = null)
 {
     public const string SIMULATOR_AUTHENTICATION = "Simulator";
     public const string CLIENT_PRINCIPAL_HEADER = "X-MS-CLIENT-PRINCIPAL";

From 9c68fb75605437027d17e74ef0ee7b1a9b7cca2e Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Thu, 5 Mar 2026 03:18:27 +0000
Subject: [PATCH 12/18] Change default authentication provider to
 Unauthenticated and update tests

Co-authored-by: Aniruddh25 <3513779+Aniruddh25@users.noreply.github.com>
---
 src/Cli.Tests/ModuleInitializer.cs                |  2 ++
 src/Config/ObjectModel/AuthenticationOptions.cs   |  4 ++--
 src/Config/ObjectModel/RuntimeConfig.cs           | 15 +++++++++++----
 src/Service.Tests/ModuleInitializer.cs            |  2 ++
 .../RuntimeConfigLoaderJsonDeserializerTests.cs   |  2 +-
 5 files changed, 18 insertions(+), 7 deletions(-)

diff --git a/src/Cli.Tests/ModuleInitializer.cs b/src/Cli.Tests/ModuleInitializer.cs
index 2baf75a780..801637d4c5 100644
--- a/src/Cli.Tests/ModuleInitializer.cs
+++ b/src/Cli.Tests/ModuleInitializer.cs
@@ -85,6 +85,8 @@ public static void Init()
         VerifierSettings.IgnoreMember<RuntimeConfig>(config => config.IsStaticWebAppsIdentityProvider);
         // Ignore the IsAppServiceIdentityProvider as that's unimportant from a test standpoint.
         VerifierSettings.IgnoreMember<RuntimeConfig>(config => config.IsAppServiceIdentityProvider);
+        // Ignore the IsUnauthenticatedIdentityProvider as that's unimportant from a test standpoint.
+        VerifierSettings.IgnoreMember<RuntimeConfig>(config => config.IsUnauthenticatedIdentityProvider);
         // Ignore the RestPath as that's unimportant from a test standpoint.
         VerifierSettings.IgnoreMember<RuntimeConfig>(config => config.RestPath);
         // Ignore the GraphQLPath as that's unimportant from a test standpoint.
diff --git a/src/Config/ObjectModel/AuthenticationOptions.cs b/src/Config/ObjectModel/AuthenticationOptions.cs
index a71c649017..b0fc219750 100644
--- a/src/Config/ObjectModel/AuthenticationOptions.cs
+++ b/src/Config/ObjectModel/AuthenticationOptions.cs
@@ -6,12 +6,12 @@ namespace Azure.DataApiBuilder.Config.ObjectModel;
 /// <summary>
 /// Authentication configuration.
 /// </summary>
-/// <param name="Provider">Identity Provider. Default is AppService.
+/// <param name="Provider">Identity Provider. Default is Unauthenticated.
 /// With EasyAuth, Simulator, and Unauthenticated, no Audience or Issuer are expected.
 /// </param>
 /// <param name="Jwt">Settings enabling validation of the received JWT token.
 /// Required only when Provider is other than EasyAuth, Simulator, or Unauthenticated.</param>
-public record AuthenticationOptions(string Provider = nameof(EasyAuthType.AppService), JwtOptions? Jwt = null)
+public record AuthenticationOptions(string Provider = "Unauthenticated", JwtOptions? Jwt = null)
 {
     public const string SIMULATOR_AUTHENTICATION = "Simulator";
     public const string CLIENT_PRINCIPAL_HEADER = "X-MS-CLIENT-PRINCIPAL";
diff --git a/src/Config/ObjectModel/RuntimeConfig.cs b/src/Config/ObjectModel/RuntimeConfig.cs
index 0684040f85..9c92ed1e82 100644
--- a/src/Config/ObjectModel/RuntimeConfig.cs
+++ b/src/Config/ObjectModel/RuntimeConfig.cs
@@ -95,9 +95,7 @@ Runtime.Health is null ||
     /// <returns>True if the authentication provider is enabled for Static Web Apps, otherwise false.</returns>
     [JsonIgnore]
     public bool IsStaticWebAppsIdentityProvider =>
-        Runtime is null ||
-        Runtime.Host is null ||
-        Runtime.Host.Authentication is null ||
+        Runtime?.Host?.Authentication is not null &&
         EasyAuthType.StaticWebApps.ToString().Equals(Runtime.Host.Authentication.Provider, StringComparison.OrdinalIgnoreCase);
 
     /// <summary>
@@ -106,10 +104,19 @@ Runtime.Host.Authentication is null ||
     /// <returns>True if the authentication provider is enabled for App Service, otherwise false.</returns>
     [JsonIgnore]
     public bool IsAppServiceIdentityProvider =>
+        Runtime?.Host?.Authentication is not null &&
+        EasyAuthType.AppService.ToString().Equals(Runtime.Host.Authentication.Provider, StringComparison.OrdinalIgnoreCase);
+
+    /// <summary>
+    /// A shorthand method to determine whether Unauthenticated is configured for the current authentication provider.
+    /// </summary>
+    /// <returns>True if the authentication provider is Unauthenticated (the default), otherwise false.</returns>
+    [JsonIgnore]
+    public bool IsUnauthenticatedIdentityProvider =>
         Runtime is null ||
         Runtime.Host is null ||
         Runtime.Host.Authentication is null ||
-        EasyAuthType.AppService.ToString().Equals(Runtime.Host.Authentication.Provider, StringComparison.OrdinalIgnoreCase);
+        AuthenticationOptions.UNAUTHENTICATED_AUTHENTICATION.Equals(Runtime.Host.Authentication.Provider, StringComparison.OrdinalIgnoreCase);
 
     /// <summary>
     /// The path at which Rest APIs are available
diff --git a/src/Service.Tests/ModuleInitializer.cs b/src/Service.Tests/ModuleInitializer.cs
index b2d713b804..c5bfeddc1e 100644
--- a/src/Service.Tests/ModuleInitializer.cs
+++ b/src/Service.Tests/ModuleInitializer.cs
@@ -85,6 +85,8 @@ public static void Init()
         VerifierSettings.IgnoreMember<RuntimeConfig>(config => config.IsStaticWebAppsIdentityProvider);
         // Ignore the IsAppServiceIdentityProvider as that's unimportant from a test standpoint.
         VerifierSettings.IgnoreMember<RuntimeConfig>(config => config.IsAppServiceIdentityProvider);
+        // Ignore the IsUnauthenticatedIdentityProvider as that's unimportant from a test standpoint.
+        VerifierSettings.IgnoreMember<RuntimeConfig>(config => config.IsUnauthenticatedIdentityProvider);
         // Ignore the RestPath as that's unimportant from a test standpoint.
         VerifierSettings.IgnoreMember<RuntimeConfig>(config => config.RestPath);
         // Ignore the GraphQLPath as that's unimportant from a test standpoint.
diff --git a/src/Service.Tests/UnitTests/RuntimeConfigLoaderJsonDeserializerTests.cs b/src/Service.Tests/UnitTests/RuntimeConfigLoaderJsonDeserializerTests.cs
index 3ec7c47f10..c34290999a 100644
--- a/src/Service.Tests/UnitTests/RuntimeConfigLoaderJsonDeserializerTests.cs
+++ b/src/Service.Tests/UnitTests/RuntimeConfigLoaderJsonDeserializerTests.cs
@@ -792,7 +792,7 @@ private static bool TryParseAndAssertOnDefaults(string json, out RuntimeConfig p
             Assert.AreEqual(McpRuntimeOptions.DEFAULT_PATH, parsedConfig.McpPath);
             Assert.IsTrue(parsedConfig.AllowIntrospection);
             Assert.IsFalse(parsedConfig.IsDevelopmentMode());
-            Assert.IsTrue(parsedConfig.IsAppServiceIdentityProvider);
+            Assert.IsTrue(parsedConfig.IsUnauthenticatedIdentityProvider);
             Assert.IsTrue(parsedConfig.IsRequestBodyStrict);
             Assert.IsTrue(parsedConfig.IsLogLevelNull());
             Assert.IsTrue(parsedConfig.Runtime?.Telemetry?.ApplicationInsights is null

From a8781acc556b300b10d0d80785ee347339cc7363 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Sun, 8 Mar 2026 02:13:23 +0000
Subject: [PATCH 13/18] Update snapshot files to use Unauthenticated as default
 provider

Co-authored-by: Aniruddh25 <3513779+Aniruddh25@users.noreply.github.com>
---
 ...AddEntityWithAnExistingNameButWithDifferentCase.verified.txt | 2 +-
 .../AddEntityTests.AddEntityWithCachingEnabled.verified.txt     | 2 +-
 ...tyWithPolicyAndFieldProperties_70de36ebf1478d0d.verified.txt | 2 +-
 ...tyWithPolicyAndFieldProperties_9f612e68879149a3.verified.txt | 2 +-
 ...tyWithPolicyAndFieldProperties_bea2d26f3e5462d8.verified.txt | 2 +-
 .../AddEntityTests.AddNewEntityWhenEntitiesEmpty.verified.txt   | 2 +-
 ...AddEntityTests.AddNewEntityWhenEntitiesNotEmpty.verified.txt | 2 +-
 ...ewEntityWhenEntitiesWithSourceAsStoredProcedure.verified.txt | 2 +-
 ...tyTests.AddStoredProcedureWithBothMcpProperties.verified.txt | 2 +-
 ....AddStoredProcedureWithBothMcpPropertiesEnabled.verified.txt | 2 +-
 ...ests.AddStoredProcedureWithMcpCustomToolEnabled.verified.txt | 2 +-
 ...ithMcpDmlTools_mcpDmlTools=false_source=authors.verified.txt | 2 +-
 ...tyWithMcpDmlTools_mcpDmlTools=true_source=books.verified.txt | 2 +-
 ...DifferentRestAndGraphQLOptions_0c9cbb8942b4a4e5.verified.txt | 2 +-
 ...DifferentRestAndGraphQLOptions_286d268a654ece27.verified.txt | 2 +-
 ...DifferentRestAndGraphQLOptions_3048323e01b42681.verified.txt | 2 +-
 ...DifferentRestAndGraphQLOptions_3440d150a2282b9c.verified.txt | 2 +-
 ...DifferentRestAndGraphQLOptions_381c28d25063be0c.verified.txt | 2 +-
 ...DifferentRestAndGraphQLOptions_458373311f6ed4ed.verified.txt | 2 +-
 ...DifferentRestAndGraphQLOptions_66799c963a6306ae.verified.txt | 2 +-
 ...DifferentRestAndGraphQLOptions_66f598295b8682fd.verified.txt | 2 +-
 ...DifferentRestAndGraphQLOptions_73f95f7e2cd3ed71.verified.txt | 2 +-
 ...DifferentRestAndGraphQLOptions_79d59edde7f6a272.verified.txt | 2 +-
 ...DifferentRestAndGraphQLOptions_7ec82512a1df5293.verified.txt | 2 +-
 ...DifferentRestAndGraphQLOptions_cbb6e5548e4d3535.verified.txt | 2 +-
 ...DifferentRestAndGraphQLOptions_dc629052f38cea32.verified.txt | 2 +-
 ...DifferentRestAndGraphQLOptions_e4a97c7e3507d2c6.verified.txt | 2 +-
 ...DifferentRestAndGraphQLOptions_f8d0d0c2a38bd3b8.verified.txt | 2 +-
 ...redProcedureWithRestMethodsAndGraphQLOperations.verified.txt | 2 +-
 ...redProcedureWithRestMethodsAndGraphQLOperations.verified.txt | 2 +-
 ...tedAfterAddingEntityWithSourceAsStoredProcedure.verified.txt | 2 +-
 ...ratedAfterAddingEntityWithSourceWithDefaultType.verified.txt | 2 +-
 ...igGeneratedAfterAddingEntityWithoutIEnumerables.verified.txt | 2 +-
 .../EndToEndTests.TestInitForCosmosDBNoSql.verified.txt         | 2 +-
 ...ests.TestUpdatingStoredProcedureWithRestMethods.verified.txt | 2 +-
 ...redProcedureWithRestMethodsAndGraphQLOperations.verified.txt | 2 +-
 .../Snapshots/InitTests.CosmosDbNoSqlDatabase.verified.txt      | 2 +-
 .../Snapshots/InitTests.CosmosDbPostgreSqlDatabase.verified.txt | 2 +-
 ...fferentAuthenticationProviders_b95b637ea87f16a7.verified.txt | 2 +-
 ....GraphQLPathWithoutStartingSlashWillHaveItAdded.verified.txt | 2 +-
 src/Cli.Tests/Snapshots/InitTests.MsSQLDatabase.verified.txt    | 2 +-
 ...sts.RestPathWithoutStartingSlashWillHaveItAdded.verified.txt | 2 +-
 ...s.TestInitializingConfigWithoutConnectionString.verified.txt | 2 +-
 ...itTests.TestSpecialCharactersInConnectionString.verified.txt | 2 +-
 ...ionWithMultipleMutationOptions_0546bef37027a950.verified.txt | 2 +-
 ...ionWithMultipleMutationOptions_0ac567dd32a2e8f5.verified.txt | 2 +-
 ...ionWithMultipleMutationOptions_0c06949221514e77.verified.txt | 2 +-
 ...ionWithMultipleMutationOptions_18667ab7db033e9d.verified.txt | 2 +-
 ...ionWithMultipleMutationOptions_2f42f44c328eb020.verified.txt | 2 +-
 ...ionWithMultipleMutationOptions_3243d3f3441fdcc1.verified.txt | 2 +-
 ...ionWithMultipleMutationOptions_53350b8b47df2112.verified.txt | 2 +-
 ...ionWithMultipleMutationOptions_6584e0ec46b8a11d.verified.txt | 2 +-
 ...ionWithMultipleMutationOptions_81cc88db3d4eecfb.verified.txt | 2 +-
 ...ionWithMultipleMutationOptions_8ea187616dbb5577.verified.txt | 2 +-
 ...ionWithMultipleMutationOptions_905845c29560a3ef.verified.txt | 2 +-
 ...ionWithMultipleMutationOptions_b2fd24fab5b80917.verified.txt | 2 +-
 ...ionWithMultipleMutationOptions_bd7cd088755287c9.verified.txt | 2 +-
 ...ionWithMultipleMutationOptions_d2eccba2f836b380.verified.txt | 2 +-
 ...ionWithMultipleMutationOptions_d463eed7fe5e4bbe.verified.txt | 2 +-
 ...ionWithMultipleMutationOptions_d5520dd5c33f7b8d.verified.txt | 2 +-
 ...ionWithMultipleMutationOptions_eab4a6010e602b59.verified.txt | 2 +-
 ...ionWithMultipleMutationOptions_ecaa688829b4030e.verified.txt | 2 +-
 ...s.TestConversionOfSourceObject_036a859f50ce167c.verified.txt | 2 +-
 ...s.TestConversionOfSourceObject_103655d39b48d89f.verified.txt | 2 +-
 ...s.TestConversionOfSourceObject_442649c7ef2176bd.verified.txt | 2 +-
 ...s.TestConversionOfSourceObject_7f2338fdc84aafc3.verified.txt | 2 +-
 ...s.TestConversionOfSourceObject_a70c086a74142c82.verified.txt | 2 +-
 ...s.TestConversionOfSourceObject_c26902b0e44f97cd.verified.txt | 2 +-
 ...tyTests.TestUpdateEntityByAddingNewRelationship.verified.txt | 2 +-
 ...tyTests.TestUpdateEntityByModifyingRelationship.verified.txt | 2 +-
 .../UpdateEntityTests.TestUpdateEntityCaching.verified.txt      | 2 +-
 .../UpdateEntityTests.TestUpdateEntityPermission.verified.txt   | 2 +-
 ...Tests.TestUpdateEntityPermissionByAddingNewRole.verified.txt | 2 +-
 ....TestUpdateEntityPermissionHavingWildcardAction.verified.txt | 2 +-
 ...ts.TestUpdateEntityPermissionWithExistingAction.verified.txt | 2 +-
 ...ts.TestUpdateEntityPermissionWithWildcardAction.verified.txt | 2 +-
 .../UpdateEntityTests.TestUpdateEntityWithMappings.verified.txt | 2 +-
 ...tyWithPolicyAndFieldProperties_088d6237033e0a7c.verified.txt | 2 +-
 ...tyWithPolicyAndFieldProperties_3ea32fdef7aed1b4.verified.txt | 2 +-
 ...tyWithPolicyAndFieldProperties_4d25c2c012107597.verified.txt | 2 +-
 ....TestUpdateEntityWithSpecialCharacterInMappings.verified.txt | 2 +-
 .../UpdateEntityTests.TestUpdateExistingMappings.verified.txt   | 2 +-
 .../Snapshots/UpdateEntityTests.TestUpdatePolicy.verified.txt   | 2 +-
 ...hQLSettingsForStoredProcedures_10ea92e3b25ab0c9.verified.txt | 2 +-
 ...hQLSettingsForStoredProcedures_127bb81593f835fe.verified.txt | 2 +-
 ...hQLSettingsForStoredProcedures_386efa1a113fac6b.verified.txt | 2 +-
 ...hQLSettingsForStoredProcedures_53db4712d83be8e6.verified.txt | 2 +-
 ...hQLSettingsForStoredProcedures_5e9ddd8c7c740efd.verified.txt | 2 +-
 ...hQLSettingsForStoredProcedures_6c5b3bfc72e5878a.verified.txt | 2 +-
 ...hQLSettingsForStoredProcedures_8398059a743d7027.verified.txt | 2 +-
 ...hQLSettingsForStoredProcedures_a49380ce6d1fd8ba.verified.txt | 2 +-
 ...hQLSettingsForStoredProcedures_c9b12fe27be53878.verified.txt | 2 +-
 ...hQLSettingsForStoredProcedures_d19603117eb8b51b.verified.txt | 2 +-
 ...hQLSettingsForStoredProcedures_d770d682c5802737.verified.txt | 2 +-
 ...hQLSettingsForStoredProcedures_ef8cc721c9dfc7e4.verified.txt | 2 +-
 ...hQLSettingsForStoredProcedures_f3897e2254996db0.verified.txt | 2 +-
 ...hQLSettingsForStoredProcedures_f4cadb897fc5b0fe.verified.txt | 2 +-
 ...hQLSettingsForStoredProcedures_f59b2a65fc1e18a3.verified.txt | 2 +-
 ...ceStringToDatabaseSourceObject_574e1995f787740f.verified.txt | 2 +-
 ...ceStringToDatabaseSourceObject_a13a9ca73b21f261.verified.txt | 2 +-
 ...ceStringToDatabaseSourceObject_a5ce76c8bea25cc8.verified.txt | 2 +-
 ...ceStringToDatabaseSourceObject_bba111332a1f973f.verified.txt | 2 +-
 ....TestUpdateStoredProcedureWithBothMcpProperties.verified.txt | 2 +-
 ...dateStoredProcedureWithBothMcpPropertiesEnabled.verified.txt | 2 +-
 ...stUpdateStoredProcedureWithMcpCustomToolEnabled.verified.txt | 2 +-
 ...TableEntityWithMcpDmlTools_newMcpDmlTools=false.verified.txt | 2 +-
 ...eTableEntityWithMcpDmlTools_newMcpDmlTools=true.verified.txt | 2 +-
 ...UpdateEntityTests.UpdateDatabaseSourceKeyFields.verified.txt | 2 +-
 .../UpdateEntityTests.UpdateDatabaseSourceName.verified.txt     | 2 +-
 ...pdateEntityTests.UpdateDatabaseSourceParameters.verified.txt | 2 +-
 110 files changed, 110 insertions(+), 110 deletions(-)

diff --git a/src/Cli.Tests/Snapshots/AddEntityTests.AddEntityWithAnExistingNameButWithDifferentCase.verified.txt b/src/Cli.Tests/Snapshots/AddEntityTests.AddEntityWithAnExistingNameButWithDifferentCase.verified.txt
index 12d7802079..9a5c624892 100644
--- a/src/Cli.Tests/Snapshots/AddEntityTests.AddEntityWithAnExistingNameButWithDifferentCase.verified.txt
+++ b/src/Cli.Tests/Snapshots/AddEntityTests.AddEntityWithAnExistingNameButWithDifferentCase.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/AddEntityTests.AddEntityWithCachingEnabled.verified.txt b/src/Cli.Tests/Snapshots/AddEntityTests.AddEntityWithCachingEnabled.verified.txt
index b4b428038b..537e44d45c 100644
--- a/src/Cli.Tests/Snapshots/AddEntityTests.AddEntityWithCachingEnabled.verified.txt
+++ b/src/Cli.Tests/Snapshots/AddEntityTests.AddEntityWithCachingEnabled.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/AddEntityTests.AddEntityWithPolicyAndFieldProperties_70de36ebf1478d0d.verified.txt b/src/Cli.Tests/Snapshots/AddEntityTests.AddEntityWithPolicyAndFieldProperties_70de36ebf1478d0d.verified.txt
index 10324a7f50..27183a2401 100644
--- a/src/Cli.Tests/Snapshots/AddEntityTests.AddEntityWithPolicyAndFieldProperties_70de36ebf1478d0d.verified.txt
+++ b/src/Cli.Tests/Snapshots/AddEntityTests.AddEntityWithPolicyAndFieldProperties_70de36ebf1478d0d.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/AddEntityTests.AddEntityWithPolicyAndFieldProperties_9f612e68879149a3.verified.txt b/src/Cli.Tests/Snapshots/AddEntityTests.AddEntityWithPolicyAndFieldProperties_9f612e68879149a3.verified.txt
index 72d4c28329..93c751ed3c 100644
--- a/src/Cli.Tests/Snapshots/AddEntityTests.AddEntityWithPolicyAndFieldProperties_9f612e68879149a3.verified.txt
+++ b/src/Cli.Tests/Snapshots/AddEntityTests.AddEntityWithPolicyAndFieldProperties_9f612e68879149a3.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/AddEntityTests.AddEntityWithPolicyAndFieldProperties_bea2d26f3e5462d8.verified.txt b/src/Cli.Tests/Snapshots/AddEntityTests.AddEntityWithPolicyAndFieldProperties_bea2d26f3e5462d8.verified.txt
index d21d3b195d..f021896c03 100644
--- a/src/Cli.Tests/Snapshots/AddEntityTests.AddEntityWithPolicyAndFieldProperties_bea2d26f3e5462d8.verified.txt
+++ b/src/Cli.Tests/Snapshots/AddEntityTests.AddEntityWithPolicyAndFieldProperties_bea2d26f3e5462d8.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/AddEntityTests.AddNewEntityWhenEntitiesEmpty.verified.txt b/src/Cli.Tests/Snapshots/AddEntityTests.AddNewEntityWhenEntitiesEmpty.verified.txt
index 3d6deefaba..4a47bf317c 100644
--- a/src/Cli.Tests/Snapshots/AddEntityTests.AddNewEntityWhenEntitiesEmpty.verified.txt
+++ b/src/Cli.Tests/Snapshots/AddEntityTests.AddNewEntityWhenEntitiesEmpty.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/AddEntityTests.AddNewEntityWhenEntitiesNotEmpty.verified.txt b/src/Cli.Tests/Snapshots/AddEntityTests.AddNewEntityWhenEntitiesNotEmpty.verified.txt
index d2a1b26553..7629d7bdff 100644
--- a/src/Cli.Tests/Snapshots/AddEntityTests.AddNewEntityWhenEntitiesNotEmpty.verified.txt
+++ b/src/Cli.Tests/Snapshots/AddEntityTests.AddNewEntityWhenEntitiesNotEmpty.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/AddEntityTests.AddNewEntityWhenEntitiesWithSourceAsStoredProcedure.verified.txt b/src/Cli.Tests/Snapshots/AddEntityTests.AddNewEntityWhenEntitiesWithSourceAsStoredProcedure.verified.txt
index 2418bbaf9e..9912d42141 100644
--- a/src/Cli.Tests/Snapshots/AddEntityTests.AddNewEntityWhenEntitiesWithSourceAsStoredProcedure.verified.txt
+++ b/src/Cli.Tests/Snapshots/AddEntityTests.AddNewEntityWhenEntitiesWithSourceAsStoredProcedure.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/AddEntityTests.AddStoredProcedureWithBothMcpProperties.verified.txt b/src/Cli.Tests/Snapshots/AddEntityTests.AddStoredProcedureWithBothMcpProperties.verified.txt
index c5772388d6..56d36a80e9 100644
--- a/src/Cli.Tests/Snapshots/AddEntityTests.AddStoredProcedureWithBothMcpProperties.verified.txt
+++ b/src/Cli.Tests/Snapshots/AddEntityTests.AddStoredProcedureWithBothMcpProperties.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/AddEntityTests.AddStoredProcedureWithBothMcpPropertiesEnabled.verified.txt b/src/Cli.Tests/Snapshots/AddEntityTests.AddStoredProcedureWithBothMcpPropertiesEnabled.verified.txt
index f0c74a20b7..27952b4d77 100644
--- a/src/Cli.Tests/Snapshots/AddEntityTests.AddStoredProcedureWithBothMcpPropertiesEnabled.verified.txt
+++ b/src/Cli.Tests/Snapshots/AddEntityTests.AddStoredProcedureWithBothMcpPropertiesEnabled.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/AddEntityTests.AddStoredProcedureWithMcpCustomToolEnabled.verified.txt b/src/Cli.Tests/Snapshots/AddEntityTests.AddStoredProcedureWithMcpCustomToolEnabled.verified.txt
index 50b1b5c571..776e1a1eea 100644
--- a/src/Cli.Tests/Snapshots/AddEntityTests.AddStoredProcedureWithMcpCustomToolEnabled.verified.txt
+++ b/src/Cli.Tests/Snapshots/AddEntityTests.AddStoredProcedureWithMcpCustomToolEnabled.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/AddEntityTests.AddTableEntityWithMcpDmlTools_mcpDmlTools=false_source=authors.verified.txt b/src/Cli.Tests/Snapshots/AddEntityTests.AddTableEntityWithMcpDmlTools_mcpDmlTools=false_source=authors.verified.txt
index e1ba348224..68240dd6a2 100644
--- a/src/Cli.Tests/Snapshots/AddEntityTests.AddTableEntityWithMcpDmlTools_mcpDmlTools=false_source=authors.verified.txt
+++ b/src/Cli.Tests/Snapshots/AddEntityTests.AddTableEntityWithMcpDmlTools_mcpDmlTools=false_source=authors.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/AddEntityTests.AddTableEntityWithMcpDmlTools_mcpDmlTools=true_source=books.verified.txt b/src/Cli.Tests/Snapshots/AddEntityTests.AddTableEntityWithMcpDmlTools_mcpDmlTools=true_source=books.verified.txt
index 82287b53aa..f2598284de 100644
--- a/src/Cli.Tests/Snapshots/AddEntityTests.AddTableEntityWithMcpDmlTools_mcpDmlTools=true_source=books.verified.txt
+++ b/src/Cli.Tests/Snapshots/AddEntityTests.AddTableEntityWithMcpDmlTools_mcpDmlTools=true_source=books.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_0c9cbb8942b4a4e5.verified.txt b/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_0c9cbb8942b4a4e5.verified.txt
index 9729cf4aae..63c6ac998d 100644
--- a/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_0c9cbb8942b4a4e5.verified.txt
+++ b/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_0c9cbb8942b4a4e5.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_286d268a654ece27.verified.txt b/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_286d268a654ece27.verified.txt
index 99d78eaa0e..8c676b4a2d 100644
--- a/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_286d268a654ece27.verified.txt
+++ b/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_286d268a654ece27.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_3048323e01b42681.verified.txt b/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_3048323e01b42681.verified.txt
index ec4549f38a..10c48a7e98 100644
--- a/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_3048323e01b42681.verified.txt
+++ b/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_3048323e01b42681.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_3440d150a2282b9c.verified.txt b/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_3440d150a2282b9c.verified.txt
index 6ba80ba348..f8f72548a2 100644
--- a/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_3440d150a2282b9c.verified.txt
+++ b/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_3440d150a2282b9c.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_381c28d25063be0c.verified.txt b/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_381c28d25063be0c.verified.txt
index 99d78eaa0e..8c676b4a2d 100644
--- a/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_381c28d25063be0c.verified.txt
+++ b/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_381c28d25063be0c.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_458373311f6ed4ed.verified.txt b/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_458373311f6ed4ed.verified.txt
index 11d8adb815..f535b969ec 100644
--- a/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_458373311f6ed4ed.verified.txt
+++ b/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_458373311f6ed4ed.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_66799c963a6306ae.verified.txt b/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_66799c963a6306ae.verified.txt
index 5c6a0b7d6b..c8a0cd79ed 100644
--- a/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_66799c963a6306ae.verified.txt
+++ b/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_66799c963a6306ae.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_66f598295b8682fd.verified.txt b/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_66f598295b8682fd.verified.txt
index e3a6363fb1..4481d1fc60 100644
--- a/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_66f598295b8682fd.verified.txt
+++ b/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_66f598295b8682fd.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_73f95f7e2cd3ed71.verified.txt b/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_73f95f7e2cd3ed71.verified.txt
index 9729cf4aae..63c6ac998d 100644
--- a/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_73f95f7e2cd3ed71.verified.txt
+++ b/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_73f95f7e2cd3ed71.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_79d59edde7f6a272.verified.txt b/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_79d59edde7f6a272.verified.txt
index 11d8adb815..f535b969ec 100644
--- a/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_79d59edde7f6a272.verified.txt
+++ b/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_79d59edde7f6a272.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_7ec82512a1df5293.verified.txt b/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_7ec82512a1df5293.verified.txt
index 9729cf4aae..63c6ac998d 100644
--- a/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_7ec82512a1df5293.verified.txt
+++ b/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_7ec82512a1df5293.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_cbb6e5548e4d3535.verified.txt b/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_cbb6e5548e4d3535.verified.txt
index 9729cf4aae..63c6ac998d 100644
--- a/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_cbb6e5548e4d3535.verified.txt
+++ b/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_cbb6e5548e4d3535.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_dc629052f38cea32.verified.txt b/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_dc629052f38cea32.verified.txt
index aa074116d0..96e505cf62 100644
--- a/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_dc629052f38cea32.verified.txt
+++ b/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_dc629052f38cea32.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_e4a97c7e3507d2c6.verified.txt b/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_e4a97c7e3507d2c6.verified.txt
index 9b7d9f96e9..c33ba73b09 100644
--- a/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_e4a97c7e3507d2c6.verified.txt
+++ b/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_e4a97c7e3507d2c6.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_f8d0d0c2a38bd3b8.verified.txt b/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_f8d0d0c2a38bd3b8.verified.txt
index e3a6363fb1..4481d1fc60 100644
--- a/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_f8d0d0c2a38bd3b8.verified.txt
+++ b/src/Cli.Tests/Snapshots/AddEntityTests.TestAddNewSpWithDifferentRestAndGraphQLOptions_f8d0d0c2a38bd3b8.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/AddEntityTests.TestAddStoredProcedureWithRestMethodsAndGraphQLOperations.verified.txt b/src/Cli.Tests/Snapshots/AddEntityTests.TestAddStoredProcedureWithRestMethodsAndGraphQLOperations.verified.txt
index 11829a214c..d00c43932b 100644
--- a/src/Cli.Tests/Snapshots/AddEntityTests.TestAddStoredProcedureWithRestMethodsAndGraphQLOperations.verified.txt
+++ b/src/Cli.Tests/Snapshots/AddEntityTests.TestAddStoredProcedureWithRestMethodsAndGraphQLOperations.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/EndToEndTests.TestAddingStoredProcedureWithRestMethodsAndGraphQLOperations.verified.txt b/src/Cli.Tests/Snapshots/EndToEndTests.TestAddingStoredProcedureWithRestMethodsAndGraphQLOperations.verified.txt
index 3fa1fbc14e..7b01a5b5ca 100644
--- a/src/Cli.Tests/Snapshots/EndToEndTests.TestAddingStoredProcedureWithRestMethodsAndGraphQLOperations.verified.txt
+++ b/src/Cli.Tests/Snapshots/EndToEndTests.TestAddingStoredProcedureWithRestMethodsAndGraphQLOperations.verified.txt
@@ -41,7 +41,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/EndToEndTests.TestConfigGeneratedAfterAddingEntityWithSourceAsStoredProcedure.verified.txt b/src/Cli.Tests/Snapshots/EndToEndTests.TestConfigGeneratedAfterAddingEntityWithSourceAsStoredProcedure.verified.txt
index 76ea01dfca..bb9463e879 100644
--- a/src/Cli.Tests/Snapshots/EndToEndTests.TestConfigGeneratedAfterAddingEntityWithSourceAsStoredProcedure.verified.txt
+++ b/src/Cli.Tests/Snapshots/EndToEndTests.TestConfigGeneratedAfterAddingEntityWithSourceAsStoredProcedure.verified.txt
@@ -41,7 +41,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/EndToEndTests.TestConfigGeneratedAfterAddingEntityWithSourceWithDefaultType.verified.txt b/src/Cli.Tests/Snapshots/EndToEndTests.TestConfigGeneratedAfterAddingEntityWithSourceWithDefaultType.verified.txt
index 3a8c738a70..211adbdae2 100644
--- a/src/Cli.Tests/Snapshots/EndToEndTests.TestConfigGeneratedAfterAddingEntityWithSourceWithDefaultType.verified.txt
+++ b/src/Cli.Tests/Snapshots/EndToEndTests.TestConfigGeneratedAfterAddingEntityWithSourceWithDefaultType.verified.txt
@@ -41,7 +41,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/EndToEndTests.TestConfigGeneratedAfterAddingEntityWithoutIEnumerables.verified.txt b/src/Cli.Tests/Snapshots/EndToEndTests.TestConfigGeneratedAfterAddingEntityWithoutIEnumerables.verified.txt
index df2cd4b009..205f467aba 100644
--- a/src/Cli.Tests/Snapshots/EndToEndTests.TestConfigGeneratedAfterAddingEntityWithoutIEnumerables.verified.txt
+++ b/src/Cli.Tests/Snapshots/EndToEndTests.TestConfigGeneratedAfterAddingEntityWithoutIEnumerables.verified.txt
@@ -41,7 +41,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       },
       Mode: Production
     }
diff --git a/src/Cli.Tests/Snapshots/EndToEndTests.TestInitForCosmosDBNoSql.verified.txt b/src/Cli.Tests/Snapshots/EndToEndTests.TestInitForCosmosDBNoSql.verified.txt
index 1b14a3a7f0..8b499169ac 100644
--- a/src/Cli.Tests/Snapshots/EndToEndTests.TestInitForCosmosDBNoSql.verified.txt
+++ b/src/Cli.Tests/Snapshots/EndToEndTests.TestInitForCosmosDBNoSql.verified.txt
@@ -46,7 +46,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       },
       Mode: Production
     }
diff --git a/src/Cli.Tests/Snapshots/EndToEndTests.TestUpdatingStoredProcedureWithRestMethods.verified.txt b/src/Cli.Tests/Snapshots/EndToEndTests.TestUpdatingStoredProcedureWithRestMethods.verified.txt
index 62d9e237b5..e197c71aac 100644
--- a/src/Cli.Tests/Snapshots/EndToEndTests.TestUpdatingStoredProcedureWithRestMethods.verified.txt
+++ b/src/Cli.Tests/Snapshots/EndToEndTests.TestUpdatingStoredProcedureWithRestMethods.verified.txt
@@ -41,7 +41,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/EndToEndTests.TestUpdatingStoredProcedureWithRestMethodsAndGraphQLOperations.verified.txt b/src/Cli.Tests/Snapshots/EndToEndTests.TestUpdatingStoredProcedureWithRestMethodsAndGraphQLOperations.verified.txt
index fa8b16e739..c518f7ea04 100644
--- a/src/Cli.Tests/Snapshots/EndToEndTests.TestUpdatingStoredProcedureWithRestMethodsAndGraphQLOperations.verified.txt
+++ b/src/Cli.Tests/Snapshots/EndToEndTests.TestUpdatingStoredProcedureWithRestMethodsAndGraphQLOperations.verified.txt
@@ -41,7 +41,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/InitTests.CosmosDbNoSqlDatabase.verified.txt b/src/Cli.Tests/Snapshots/InitTests.CosmosDbNoSqlDatabase.verified.txt
index 9d5458c0ee..f4d30e46f8 100644
--- a/src/Cli.Tests/Snapshots/InitTests.CosmosDbNoSqlDatabase.verified.txt
+++ b/src/Cli.Tests/Snapshots/InitTests.CosmosDbNoSqlDatabase.verified.txt
@@ -42,7 +42,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       },
       Mode: Production
     }
diff --git a/src/Cli.Tests/Snapshots/InitTests.CosmosDbPostgreSqlDatabase.verified.txt b/src/Cli.Tests/Snapshots/InitTests.CosmosDbPostgreSqlDatabase.verified.txt
index 51f6ad8d95..617c9ff467 100644
--- a/src/Cli.Tests/Snapshots/InitTests.CosmosDbPostgreSqlDatabase.verified.txt
+++ b/src/Cli.Tests/Snapshots/InitTests.CosmosDbPostgreSqlDatabase.verified.txt
@@ -42,7 +42,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/InitTests.EnsureCorrectConfigGenerationWithDifferentAuthenticationProviders_b95b637ea87f16a7.verified.txt b/src/Cli.Tests/Snapshots/InitTests.EnsureCorrectConfigGenerationWithDifferentAuthenticationProviders_b95b637ea87f16a7.verified.txt
index 25e3976685..c22463b483 100644
--- a/src/Cli.Tests/Snapshots/InitTests.EnsureCorrectConfigGenerationWithDifferentAuthenticationProviders_b95b637ea87f16a7.verified.txt
+++ b/src/Cli.Tests/Snapshots/InitTests.EnsureCorrectConfigGenerationWithDifferentAuthenticationProviders_b95b637ea87f16a7.verified.txt
@@ -41,7 +41,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       },
       Mode: Production
     }
diff --git a/src/Cli.Tests/Snapshots/InitTests.GraphQLPathWithoutStartingSlashWillHaveItAdded.verified.txt b/src/Cli.Tests/Snapshots/InitTests.GraphQLPathWithoutStartingSlashWillHaveItAdded.verified.txt
index a3a056ac0a..b345184a6c 100644
--- a/src/Cli.Tests/Snapshots/InitTests.GraphQLPathWithoutStartingSlashWillHaveItAdded.verified.txt
+++ b/src/Cli.Tests/Snapshots/InitTests.GraphQLPathWithoutStartingSlashWillHaveItAdded.verified.txt
@@ -41,7 +41,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       },
       Mode: Production
     }
diff --git a/src/Cli.Tests/Snapshots/InitTests.MsSQLDatabase.verified.txt b/src/Cli.Tests/Snapshots/InitTests.MsSQLDatabase.verified.txt
index f40350c4da..f3326443d1 100644
--- a/src/Cli.Tests/Snapshots/InitTests.MsSQLDatabase.verified.txt
+++ b/src/Cli.Tests/Snapshots/InitTests.MsSQLDatabase.verified.txt
@@ -45,7 +45,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/InitTests.RestPathWithoutStartingSlashWillHaveItAdded.verified.txt b/src/Cli.Tests/Snapshots/InitTests.RestPathWithoutStartingSlashWillHaveItAdded.verified.txt
index b792d41c9f..a0cd084f9d 100644
--- a/src/Cli.Tests/Snapshots/InitTests.RestPathWithoutStartingSlashWillHaveItAdded.verified.txt
+++ b/src/Cli.Tests/Snapshots/InitTests.RestPathWithoutStartingSlashWillHaveItAdded.verified.txt
@@ -41,7 +41,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       },
       Mode: Production
     }
diff --git a/src/Cli.Tests/Snapshots/InitTests.TestInitializingConfigWithoutConnectionString.verified.txt b/src/Cli.Tests/Snapshots/InitTests.TestInitializingConfigWithoutConnectionString.verified.txt
index 173960d7b1..06b4549f42 100644
--- a/src/Cli.Tests/Snapshots/InitTests.TestInitializingConfigWithoutConnectionString.verified.txt
+++ b/src/Cli.Tests/Snapshots/InitTests.TestInitializingConfigWithoutConnectionString.verified.txt
@@ -45,7 +45,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/InitTests.TestSpecialCharactersInConnectionString.verified.txt b/src/Cli.Tests/Snapshots/InitTests.TestSpecialCharactersInConnectionString.verified.txt
index 25e3976685..c22463b483 100644
--- a/src/Cli.Tests/Snapshots/InitTests.TestSpecialCharactersInConnectionString.verified.txt
+++ b/src/Cli.Tests/Snapshots/InitTests.TestSpecialCharactersInConnectionString.verified.txt
@@ -41,7 +41,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       },
       Mode: Production
     }
diff --git a/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_0546bef37027a950.verified.txt b/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_0546bef37027a950.verified.txt
index 63f0da701c..a5e1c02f1d 100644
--- a/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_0546bef37027a950.verified.txt
+++ b/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_0546bef37027a950.verified.txt
@@ -45,7 +45,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_0ac567dd32a2e8f5.verified.txt b/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_0ac567dd32a2e8f5.verified.txt
index f40350c4da..f3326443d1 100644
--- a/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_0ac567dd32a2e8f5.verified.txt
+++ b/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_0ac567dd32a2e8f5.verified.txt
@@ -45,7 +45,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_0c06949221514e77.verified.txt b/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_0c06949221514e77.verified.txt
index e59070d692..1db8c3abab 100644
--- a/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_0c06949221514e77.verified.txt
+++ b/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_0c06949221514e77.verified.txt
@@ -50,7 +50,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_18667ab7db033e9d.verified.txt b/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_18667ab7db033e9d.verified.txt
index f7de35b7ae..090bb018ce 100644
--- a/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_18667ab7db033e9d.verified.txt
+++ b/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_18667ab7db033e9d.verified.txt
@@ -42,7 +42,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_2f42f44c328eb020.verified.txt b/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_2f42f44c328eb020.verified.txt
index 63f0da701c..a5e1c02f1d 100644
--- a/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_2f42f44c328eb020.verified.txt
+++ b/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_2f42f44c328eb020.verified.txt
@@ -45,7 +45,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_3243d3f3441fdcc1.verified.txt b/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_3243d3f3441fdcc1.verified.txt
index f7de35b7ae..090bb018ce 100644
--- a/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_3243d3f3441fdcc1.verified.txt
+++ b/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_3243d3f3441fdcc1.verified.txt
@@ -42,7 +42,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_53350b8b47df2112.verified.txt b/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_53350b8b47df2112.verified.txt
index 75613db959..0d71ceadec 100644
--- a/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_53350b8b47df2112.verified.txt
+++ b/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_53350b8b47df2112.verified.txt
@@ -42,7 +42,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_6584e0ec46b8a11d.verified.txt b/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_6584e0ec46b8a11d.verified.txt
index d93aac7dc6..0627040599 100644
--- a/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_6584e0ec46b8a11d.verified.txt
+++ b/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_6584e0ec46b8a11d.verified.txt
@@ -46,7 +46,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_81cc88db3d4eecfb.verified.txt b/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_81cc88db3d4eecfb.verified.txt
index 640815babb..4ac6553763 100644
--- a/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_81cc88db3d4eecfb.verified.txt
+++ b/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_81cc88db3d4eecfb.verified.txt
@@ -50,7 +50,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_8ea187616dbb5577.verified.txt b/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_8ea187616dbb5577.verified.txt
index 5900015d5a..dc12349a61 100644
--- a/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_8ea187616dbb5577.verified.txt
+++ b/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_8ea187616dbb5577.verified.txt
@@ -42,7 +42,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_905845c29560a3ef.verified.txt b/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_905845c29560a3ef.verified.txt
index 63f0da701c..a5e1c02f1d 100644
--- a/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_905845c29560a3ef.verified.txt
+++ b/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_905845c29560a3ef.verified.txt
@@ -45,7 +45,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_b2fd24fab5b80917.verified.txt b/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_b2fd24fab5b80917.verified.txt
index d93aac7dc6..0627040599 100644
--- a/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_b2fd24fab5b80917.verified.txt
+++ b/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_b2fd24fab5b80917.verified.txt
@@ -46,7 +46,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_bd7cd088755287c9.verified.txt b/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_bd7cd088755287c9.verified.txt
index d93aac7dc6..0627040599 100644
--- a/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_bd7cd088755287c9.verified.txt
+++ b/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_bd7cd088755287c9.verified.txt
@@ -46,7 +46,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_d2eccba2f836b380.verified.txt b/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_d2eccba2f836b380.verified.txt
index 75613db959..0d71ceadec 100644
--- a/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_d2eccba2f836b380.verified.txt
+++ b/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_d2eccba2f836b380.verified.txt
@@ -42,7 +42,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_d463eed7fe5e4bbe.verified.txt b/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_d463eed7fe5e4bbe.verified.txt
index 5900015d5a..dc12349a61 100644
--- a/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_d463eed7fe5e4bbe.verified.txt
+++ b/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_d463eed7fe5e4bbe.verified.txt
@@ -42,7 +42,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_d5520dd5c33f7b8d.verified.txt b/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_d5520dd5c33f7b8d.verified.txt
index 75613db959..0d71ceadec 100644
--- a/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_d5520dd5c33f7b8d.verified.txt
+++ b/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_d5520dd5c33f7b8d.verified.txt
@@ -42,7 +42,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_eab4a6010e602b59.verified.txt b/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_eab4a6010e602b59.verified.txt
index f7de35b7ae..090bb018ce 100644
--- a/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_eab4a6010e602b59.verified.txt
+++ b/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_eab4a6010e602b59.verified.txt
@@ -42,7 +42,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_ecaa688829b4030e.verified.txt b/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_ecaa688829b4030e.verified.txt
index 5900015d5a..dc12349a61 100644
--- a/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_ecaa688829b4030e.verified.txt
+++ b/src/Cli.Tests/Snapshots/InitTests.VerifyCorrectConfigGenerationWithMultipleMutationOptions_ecaa688829b4030e.verified.txt
@@ -42,7 +42,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestConversionOfSourceObject_036a859f50ce167c.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestConversionOfSourceObject_036a859f50ce167c.verified.txt
index 003bc17a3e..92372cda9e 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestConversionOfSourceObject_036a859f50ce167c.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestConversionOfSourceObject_036a859f50ce167c.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestConversionOfSourceObject_103655d39b48d89f.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestConversionOfSourceObject_103655d39b48d89f.verified.txt
index 29d477944f..2ac7a25588 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestConversionOfSourceObject_103655d39b48d89f.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestConversionOfSourceObject_103655d39b48d89f.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestConversionOfSourceObject_442649c7ef2176bd.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestConversionOfSourceObject_442649c7ef2176bd.verified.txt
index 003bc17a3e..92372cda9e 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestConversionOfSourceObject_442649c7ef2176bd.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestConversionOfSourceObject_442649c7ef2176bd.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestConversionOfSourceObject_7f2338fdc84aafc3.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestConversionOfSourceObject_7f2338fdc84aafc3.verified.txt
index edfefa5bac..577ddb24ec 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestConversionOfSourceObject_7f2338fdc84aafc3.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestConversionOfSourceObject_7f2338fdc84aafc3.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestConversionOfSourceObject_a70c086a74142c82.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestConversionOfSourceObject_a70c086a74142c82.verified.txt
index 2418bbaf9e..9912d42141 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestConversionOfSourceObject_a70c086a74142c82.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestConversionOfSourceObject_a70c086a74142c82.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestConversionOfSourceObject_c26902b0e44f97cd.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestConversionOfSourceObject_c26902b0e44f97cd.verified.txt
index 5339d06351..74d9a32e97 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestConversionOfSourceObject_c26902b0e44f97cd.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestConversionOfSourceObject_c26902b0e44f97cd.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityByAddingNewRelationship.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityByAddingNewRelationship.verified.txt
index ef0e2b9151..dba270a547 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityByAddingNewRelationship.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityByAddingNewRelationship.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService,
+        Provider: Unauthenticated,
         Jwt: {
           Audience: ,
           Issuer: 
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityByModifyingRelationship.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityByModifyingRelationship.verified.txt
index 44828bd61a..13f59be4da 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityByModifyingRelationship.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityByModifyingRelationship.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService,
+        Provider: Unauthenticated,
         Jwt: {
           Audience: ,
           Issuer: 
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityCaching.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityCaching.verified.txt
index a3df8fd6c4..e2f5cc7be2 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityCaching.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityCaching.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService,
+        Provider: Unauthenticated,
         Jwt: {
           Audience: ,
           Issuer: 
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityPermission.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityPermission.verified.txt
index 477f15db4a..96a100732c 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityPermission.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityPermission.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService,
+        Provider: Unauthenticated,
         Jwt: {
           Audience: ,
           Issuer: 
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityPermissionByAddingNewRole.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityPermissionByAddingNewRole.verified.txt
index 63c4e24898..d1a8a8ec07 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityPermissionByAddingNewRole.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityPermissionByAddingNewRole.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService,
+        Provider: Unauthenticated,
         Jwt: {
           Audience: ,
           Issuer: 
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityPermissionHavingWildcardAction.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityPermissionHavingWildcardAction.verified.txt
index f3db383d0f..e6c171a921 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityPermissionHavingWildcardAction.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityPermissionHavingWildcardAction.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService,
+        Provider: Unauthenticated,
         Jwt: {
           Audience: ,
           Issuer: 
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityPermissionWithExistingAction.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityPermissionWithExistingAction.verified.txt
index c0818f3c84..603254265d 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityPermissionWithExistingAction.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityPermissionWithExistingAction.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService,
+        Provider: Unauthenticated,
         Jwt: {
           Audience: ,
           Issuer: 
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityPermissionWithWildcardAction.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityPermissionWithWildcardAction.verified.txt
index 19444d8105..379b10c588 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityPermissionWithWildcardAction.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityPermissionWithWildcardAction.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService,
+        Provider: Unauthenticated,
         Jwt: {
           Audience: ,
           Issuer: 
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityWithMappings.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityWithMappings.verified.txt
index e6f2bec0c9..60e9d4e1fc 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityWithMappings.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityWithMappings.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService,
+        Provider: Unauthenticated,
         Jwt: {
           Audience: ,
           Issuer: 
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityWithPolicyAndFieldProperties_088d6237033e0a7c.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityWithPolicyAndFieldProperties_088d6237033e0a7c.verified.txt
index 10324a7f50..27183a2401 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityWithPolicyAndFieldProperties_088d6237033e0a7c.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityWithPolicyAndFieldProperties_088d6237033e0a7c.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityWithPolicyAndFieldProperties_3ea32fdef7aed1b4.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityWithPolicyAndFieldProperties_3ea32fdef7aed1b4.verified.txt
index d21d3b195d..f021896c03 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityWithPolicyAndFieldProperties_3ea32fdef7aed1b4.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityWithPolicyAndFieldProperties_3ea32fdef7aed1b4.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityWithPolicyAndFieldProperties_4d25c2c012107597.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityWithPolicyAndFieldProperties_4d25c2c012107597.verified.txt
index f44cb7a9b4..e6725b7978 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityWithPolicyAndFieldProperties_4d25c2c012107597.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityWithPolicyAndFieldProperties_4d25c2c012107597.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityWithSpecialCharacterInMappings.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityWithSpecialCharacterInMappings.verified.txt
index 396d09edf3..136d61d5f9 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityWithSpecialCharacterInMappings.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateEntityWithSpecialCharacterInMappings.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService,
+        Provider: Unauthenticated,
         Jwt: {
           Audience: ,
           Issuer: 
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateExistingMappings.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateExistingMappings.verified.txt
index 2884cf540b..6e23f7b9ac 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateExistingMappings.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateExistingMappings.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService,
+        Provider: Unauthenticated,
         Jwt: {
           Audience: ,
           Issuer: 
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdatePolicy.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdatePolicy.verified.txt
index 57c5f18284..e938e0f280 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdatePolicy.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdatePolicy.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_10ea92e3b25ab0c9.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_10ea92e3b25ab0c9.verified.txt
index 11d8adb815..f535b969ec 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_10ea92e3b25ab0c9.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_10ea92e3b25ab0c9.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_127bb81593f835fe.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_127bb81593f835fe.verified.txt
index e3a6363fb1..4481d1fc60 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_127bb81593f835fe.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_127bb81593f835fe.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_386efa1a113fac6b.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_386efa1a113fac6b.verified.txt
index 9729cf4aae..63c6ac998d 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_386efa1a113fac6b.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_386efa1a113fac6b.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_53db4712d83be8e6.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_53db4712d83be8e6.verified.txt
index 6ba80ba348..f8f72548a2 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_53db4712d83be8e6.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_53db4712d83be8e6.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_5e9ddd8c7c740efd.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_5e9ddd8c7c740efd.verified.txt
index 99d78eaa0e..8c676b4a2d 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_5e9ddd8c7c740efd.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_5e9ddd8c7c740efd.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_6c5b3bfc72e5878a.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_6c5b3bfc72e5878a.verified.txt
index 9729cf4aae..63c6ac998d 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_6c5b3bfc72e5878a.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_6c5b3bfc72e5878a.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_8398059a743d7027.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_8398059a743d7027.verified.txt
index 9729cf4aae..63c6ac998d 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_8398059a743d7027.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_8398059a743d7027.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_a49380ce6d1fd8ba.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_a49380ce6d1fd8ba.verified.txt
index ec4549f38a..10c48a7e98 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_a49380ce6d1fd8ba.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_a49380ce6d1fd8ba.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_c9b12fe27be53878.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_c9b12fe27be53878.verified.txt
index 92cb5caac0..3e3fa49376 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_c9b12fe27be53878.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_c9b12fe27be53878.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_d19603117eb8b51b.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_d19603117eb8b51b.verified.txt
index 99d78eaa0e..8c676b4a2d 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_d19603117eb8b51b.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_d19603117eb8b51b.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_d770d682c5802737.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_d770d682c5802737.verified.txt
index 11d8adb815..f535b969ec 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_d770d682c5802737.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_d770d682c5802737.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_ef8cc721c9dfc7e4.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_ef8cc721c9dfc7e4.verified.txt
index 9b7d9f96e9..c33ba73b09 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_ef8cc721c9dfc7e4.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_ef8cc721c9dfc7e4.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_f3897e2254996db0.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_f3897e2254996db0.verified.txt
index 5c6a0b7d6b..c8a0cd79ed 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_f3897e2254996db0.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_f3897e2254996db0.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_f4cadb897fc5b0fe.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_f4cadb897fc5b0fe.verified.txt
index aa074116d0..96e505cf62 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_f4cadb897fc5b0fe.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_f4cadb897fc5b0fe.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_f59b2a65fc1e18a3.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_f59b2a65fc1e18a3.verified.txt
index e3a6363fb1..4481d1fc60 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_f59b2a65fc1e18a3.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateRestAndGraphQLSettingsForStoredProcedures_f59b2a65fc1e18a3.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateSourceStringToDatabaseSourceObject_574e1995f787740f.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateSourceStringToDatabaseSourceObject_574e1995f787740f.verified.txt
index 003bc17a3e..92372cda9e 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateSourceStringToDatabaseSourceObject_574e1995f787740f.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateSourceStringToDatabaseSourceObject_574e1995f787740f.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateSourceStringToDatabaseSourceObject_a13a9ca73b21f261.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateSourceStringToDatabaseSourceObject_a13a9ca73b21f261.verified.txt
index 29d477944f..2ac7a25588 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateSourceStringToDatabaseSourceObject_a13a9ca73b21f261.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateSourceStringToDatabaseSourceObject_a13a9ca73b21f261.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateSourceStringToDatabaseSourceObject_a5ce76c8bea25cc8.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateSourceStringToDatabaseSourceObject_a5ce76c8bea25cc8.verified.txt
index 29d477944f..2ac7a25588 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateSourceStringToDatabaseSourceObject_a5ce76c8bea25cc8.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateSourceStringToDatabaseSourceObject_a5ce76c8bea25cc8.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateSourceStringToDatabaseSourceObject_bba111332a1f973f.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateSourceStringToDatabaseSourceObject_bba111332a1f973f.verified.txt
index f5dd22534c..7cfb84fad1 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateSourceStringToDatabaseSourceObject_bba111332a1f973f.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateSourceStringToDatabaseSourceObject_bba111332a1f973f.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateStoredProcedureWithBothMcpProperties.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateStoredProcedureWithBothMcpProperties.verified.txt
index a2aa5c0f40..498f0818c9 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateStoredProcedureWithBothMcpProperties.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateStoredProcedureWithBothMcpProperties.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService,
+        Provider: Unauthenticated,
         Jwt: {
           Audience: ,
           Issuer: 
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateStoredProcedureWithBothMcpPropertiesEnabled.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateStoredProcedureWithBothMcpPropertiesEnabled.verified.txt
index 6526bd5e38..42b1ba6692 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateStoredProcedureWithBothMcpPropertiesEnabled.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateStoredProcedureWithBothMcpPropertiesEnabled.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService,
+        Provider: Unauthenticated,
         Jwt: {
           Audience: ,
           Issuer: 
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateStoredProcedureWithMcpCustomToolEnabled.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateStoredProcedureWithMcpCustomToolEnabled.verified.txt
index b74749dcf6..40e859672f 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateStoredProcedureWithMcpCustomToolEnabled.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateStoredProcedureWithMcpCustomToolEnabled.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService,
+        Provider: Unauthenticated,
         Jwt: {
           Audience: ,
           Issuer: 
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateTableEntityWithMcpDmlTools_newMcpDmlTools=false.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateTableEntityWithMcpDmlTools_newMcpDmlTools=false.verified.txt
index 9efb911f99..2f772a5913 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateTableEntityWithMcpDmlTools_newMcpDmlTools=false.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateTableEntityWithMcpDmlTools_newMcpDmlTools=false.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService,
+        Provider: Unauthenticated,
         Jwt: {
           Audience: ,
           Issuer: 
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateTableEntityWithMcpDmlTools_newMcpDmlTools=true.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateTableEntityWithMcpDmlTools_newMcpDmlTools=true.verified.txt
index 8ffa3b4893..b68206dbce 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateTableEntityWithMcpDmlTools_newMcpDmlTools=true.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.TestUpdateTableEntityWithMcpDmlTools_newMcpDmlTools=true.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService,
+        Provider: Unauthenticated,
         Jwt: {
           Audience: ,
           Issuer: 
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.UpdateDatabaseSourceKeyFields.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.UpdateDatabaseSourceKeyFields.verified.txt
index 73703220d8..9866d932cf 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.UpdateDatabaseSourceKeyFields.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.UpdateDatabaseSourceKeyFields.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.UpdateDatabaseSourceName.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.UpdateDatabaseSourceName.verified.txt
index 50c0a1786c..c479f34a59 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.UpdateDatabaseSourceName.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.UpdateDatabaseSourceName.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Cli.Tests/Snapshots/UpdateEntityTests.UpdateDatabaseSourceParameters.verified.txt b/src/Cli.Tests/Snapshots/UpdateEntityTests.UpdateDatabaseSourceParameters.verified.txt
index a34882cefe..760a2f8389 100644
--- a/src/Cli.Tests/Snapshots/UpdateEntityTests.UpdateDatabaseSourceParameters.verified.txt
+++ b/src/Cli.Tests/Snapshots/UpdateEntityTests.UpdateDatabaseSourceParameters.verified.txt
@@ -18,7 +18,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },

From bb114bfb5ce27a8d307d4c7f945a71224e1dc1a3 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Sun, 8 Mar 2026 02:23:32 +0000
Subject: [PATCH 14/18] Add --auth.provider AppService to config generator
 command files for integration tests

Co-authored-by: Aniruddh25 <3513779+Aniruddh25@users.noreply.github.com>
---
 config-generators/cosmosdb_nosql-commands.txt | 2 +-
 config-generators/dwsql-commands.txt          | 2 +-
 config-generators/mssql-commands.txt          | 2 +-
 config-generators/mysql-commands.txt          | 2 +-
 config-generators/postgresql-commands.txt     | 2 +-
 5 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/config-generators/cosmosdb_nosql-commands.txt b/config-generators/cosmosdb_nosql-commands.txt
index 42e7a6330d..392a3a7b78 100644
--- a/config-generators/cosmosdb_nosql-commands.txt
+++ b/config-generators/cosmosdb_nosql-commands.txt
@@ -1,4 +1,4 @@
-init --config "dab-config.CosmosDb_NoSql.json" --database-type "cosmosdb_nosql" --connection-string "AccountEndpoint=https://localhost:8081/;AccountKey=C2y6yDjf5/R+ob0N8A7Cgv30VRDJIWEHLM+4QDU5DE2nQ9nDuVTqobD4b8mGGyPMbIZnqyMsEcaGQy67XIw/Jw==" --cosmosdb_nosql-database "graphqldb" --cosmosdb_nosql-container "planet" --graphql-schema "schema.gql" --host-mode Development --cors-origin "http://localhost:5000"
+init --config "dab-config.CosmosDb_NoSql.json" --database-type "cosmosdb_nosql" --connection-string "AccountEndpoint=https://localhost:8081/;AccountKey=C2y6yDjf5/R+ob0N8A7Cgv30VRDJIWEHLM+4QDU5DE2nQ9nDuVTqobD4b8mGGyPMbIZnqyMsEcaGQy67XIw/Jw==" --cosmosdb_nosql-database "graphqldb" --cosmosdb_nosql-container "planet" --graphql-schema "schema.gql" --host-mode Development --cors-origin "http://localhost:5000" --auth.provider AppService
 add PlanetAlias --config "dab-config.CosmosDb_NoSql.json" --source "graphqldb.planet" --permissions "anonymous:create,read,update,delete" --graphql "Planet:Planets"
 update PlanetAlias --config "dab-config.CosmosDb_NoSql.json" --permissions "anonymous:read" --fields.include "*"
 update PlanetAlias --config "dab-config.CosmosDb_NoSql.json" --permissions "authenticated:create,read,update,delete"
diff --git a/config-generators/dwsql-commands.txt b/config-generators/dwsql-commands.txt
index df4940ae59..f1874004ca 100644
--- a/config-generators/dwsql-commands.txt
+++ b/config-generators/dwsql-commands.txt
@@ -1,4 +1,4 @@
-init --config "dab-config.DwSql.json" --database-type dwsql --set-session-context true --connection-string "Server=tcp:127.0.0.1,1433;Persist Security Info=False;User ID=sa;Password=REPLACEME;MultipleActiveResultSets=False;Connection Timeout=5;" --host-mode Development --cors-origin "http://localhost:5000"
+init --config "dab-config.DwSql.json" --database-type dwsql --set-session-context true --connection-string "Server=tcp:127.0.0.1,1433;Persist Security Info=False;User ID=sa;Password=REPLACEME;MultipleActiveResultSets=False;Connection Timeout=5;" --host-mode Development --cors-origin "http://localhost:5000" --auth.provider AppService
 add Publisher --config "dab-config.DwSql.json" --source publishers --permissions "anonymous:read" --source.key-fields "id"
 add Stock --config "dab-config.DwSql.json" --source stocks --permissions "anonymous:create,read,update,delete" --source.key-fields "categoryid,pieceid"
 add stocks_price --config "dab-config.DwSql.json" --source stocks_price --permissions "authenticated:create,read,update,delete" --source.key-fields "categoryid,pieceid,instant"
diff --git a/config-generators/mssql-commands.txt b/config-generators/mssql-commands.txt
index cecc6b522c..f22b326e50 100644
--- a/config-generators/mssql-commands.txt
+++ b/config-generators/mssql-commands.txt
@@ -1,4 +1,4 @@
-init --config "dab-config.MsSql.json" --database-type mssql --set-session-context true --connection-string "Server=tcp:127.0.0.1,1433;Persist Security Info=False;User ID=sa;Password=REPLACEME;MultipleActiveResultSets=False;Connection Timeout=5;" --host-mode Development --cors-origin "http://localhost:5000" --graphql.multiple-create.enabled true
+init --config "dab-config.MsSql.json" --database-type mssql --set-session-context true --connection-string "Server=tcp:127.0.0.1,1433;Persist Security Info=False;User ID=sa;Password=REPLACEME;MultipleActiveResultSets=False;Connection Timeout=5;" --host-mode Development --cors-origin "http://localhost:5000" --graphql.multiple-create.enabled true --auth.provider AppService
 add Publisher --config "dab-config.MsSql.json" --source publishers --permissions "anonymous:read"
 add Publisher_MM --config "dab-config.MsSql.json" --source publishers_mm --graphql "Publisher_MM:Publishers_MM" --permissions "anonymous:*"
 add Stock --config "dab-config.MsSql.json" --source stocks --permissions "anonymous:create,read,update,delete"
diff --git a/config-generators/mysql-commands.txt b/config-generators/mysql-commands.txt
index 9f1e705eee..1a6faeb740 100644
--- a/config-generators/mysql-commands.txt
+++ b/config-generators/mysql-commands.txt
@@ -1,4 +1,4 @@
-init --config "dab-config.MySql.json" --database-type mysql --connection-string "server=localhost;database=datagatewaytest;uid=root;pwd=REPLACEME" --host-mode Development --cors-origin "http://localhost:5000"
+init --config "dab-config.MySql.json" --database-type mysql --connection-string "server=localhost;database=datagatewaytest;uid=root;pwd=REPLACEME" --host-mode Development --cors-origin "http://localhost:5000" --auth.provider AppService
 add Publisher --config "dab-config.MySql.json" --source publishers --permissions "anonymous:read"
 add Stock --config "dab-config.MySql.json" --source stocks --permissions "anonymous:create,read,update,delete"
 add Book --config "dab-config.MySql.json" --source books --permissions "anonymous:create,read,update,delete" --graphql "book:books"
diff --git a/config-generators/postgresql-commands.txt b/config-generators/postgresql-commands.txt
index 510d459d54..ce86ca8316 100644
--- a/config-generators/postgresql-commands.txt
+++ b/config-generators/postgresql-commands.txt
@@ -1,4 +1,4 @@
-init --config "dab-config.PostgreSql.json" --database-type postgresql --connection-string "Host=localhost;Database=datagatewaytest;username=REPLACEME;password=REPLACEME" --host-mode Development --cors-origin "http://localhost:5000"
+init --config "dab-config.PostgreSql.json" --database-type postgresql --connection-string "Host=localhost;Database=datagatewaytest;username=REPLACEME;password=REPLACEME" --host-mode Development --cors-origin "http://localhost:5000" --auth.provider AppService
 add Publisher --config "dab-config.PostgreSql.json" --source publishers --permissions "anonymous:read"
 add Stock --config "dab-config.PostgreSql.json" --source stocks --permissions "anonymous:create,read,update,delete"
 add Book --config "dab-config.PostgreSql.json" --source books --permissions "anonymous:create,read,update,delete" --graphql "book:books"

From d9b2ec53c9c24c252b1174fd2b0b6c1c058d61af Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Sun, 8 Mar 2026 02:27:13 +0000
Subject: [PATCH 15/18] Revert config-generator commands and update test
 configs to use Unauthenticated provider

Co-authored-by: Aniruddh25 <3513779+Aniruddh25@users.noreply.github.com>
---
 config-generators/cosmosdb_nosql-commands.txt    | 2 +-
 config-generators/dwsql-commands.txt             | 2 +-
 config-generators/mssql-commands.txt             | 2 +-
 config-generators/mysql-commands.txt             | 2 +-
 config-generators/postgresql-commands.txt        | 2 +-
 src/Service.Tests/dab-config.CosmosDb_NoSql.json | 2 +-
 src/Service.Tests/dab-config.DwSql.json          | 2 +-
 src/Service.Tests/dab-config.MsSql.json          | 2 +-
 src/Service.Tests/dab-config.MySql.json          | 2 +-
 src/Service.Tests/dab-config.PostgreSql.json     | 2 +-
 10 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/config-generators/cosmosdb_nosql-commands.txt b/config-generators/cosmosdb_nosql-commands.txt
index 392a3a7b78..42e7a6330d 100644
--- a/config-generators/cosmosdb_nosql-commands.txt
+++ b/config-generators/cosmosdb_nosql-commands.txt
@@ -1,4 +1,4 @@
-init --config "dab-config.CosmosDb_NoSql.json" --database-type "cosmosdb_nosql" --connection-string "AccountEndpoint=https://localhost:8081/;AccountKey=C2y6yDjf5/R+ob0N8A7Cgv30VRDJIWEHLM+4QDU5DE2nQ9nDuVTqobD4b8mGGyPMbIZnqyMsEcaGQy67XIw/Jw==" --cosmosdb_nosql-database "graphqldb" --cosmosdb_nosql-container "planet" --graphql-schema "schema.gql" --host-mode Development --cors-origin "http://localhost:5000" --auth.provider AppService
+init --config "dab-config.CosmosDb_NoSql.json" --database-type "cosmosdb_nosql" --connection-string "AccountEndpoint=https://localhost:8081/;AccountKey=C2y6yDjf5/R+ob0N8A7Cgv30VRDJIWEHLM+4QDU5DE2nQ9nDuVTqobD4b8mGGyPMbIZnqyMsEcaGQy67XIw/Jw==" --cosmosdb_nosql-database "graphqldb" --cosmosdb_nosql-container "planet" --graphql-schema "schema.gql" --host-mode Development --cors-origin "http://localhost:5000"
 add PlanetAlias --config "dab-config.CosmosDb_NoSql.json" --source "graphqldb.planet" --permissions "anonymous:create,read,update,delete" --graphql "Planet:Planets"
 update PlanetAlias --config "dab-config.CosmosDb_NoSql.json" --permissions "anonymous:read" --fields.include "*"
 update PlanetAlias --config "dab-config.CosmosDb_NoSql.json" --permissions "authenticated:create,read,update,delete"
diff --git a/config-generators/dwsql-commands.txt b/config-generators/dwsql-commands.txt
index f1874004ca..df4940ae59 100644
--- a/config-generators/dwsql-commands.txt
+++ b/config-generators/dwsql-commands.txt
@@ -1,4 +1,4 @@
-init --config "dab-config.DwSql.json" --database-type dwsql --set-session-context true --connection-string "Server=tcp:127.0.0.1,1433;Persist Security Info=False;User ID=sa;Password=REPLACEME;MultipleActiveResultSets=False;Connection Timeout=5;" --host-mode Development --cors-origin "http://localhost:5000" --auth.provider AppService
+init --config "dab-config.DwSql.json" --database-type dwsql --set-session-context true --connection-string "Server=tcp:127.0.0.1,1433;Persist Security Info=False;User ID=sa;Password=REPLACEME;MultipleActiveResultSets=False;Connection Timeout=5;" --host-mode Development --cors-origin "http://localhost:5000"
 add Publisher --config "dab-config.DwSql.json" --source publishers --permissions "anonymous:read" --source.key-fields "id"
 add Stock --config "dab-config.DwSql.json" --source stocks --permissions "anonymous:create,read,update,delete" --source.key-fields "categoryid,pieceid"
 add stocks_price --config "dab-config.DwSql.json" --source stocks_price --permissions "authenticated:create,read,update,delete" --source.key-fields "categoryid,pieceid,instant"
diff --git a/config-generators/mssql-commands.txt b/config-generators/mssql-commands.txt
index f22b326e50..cecc6b522c 100644
--- a/config-generators/mssql-commands.txt
+++ b/config-generators/mssql-commands.txt
@@ -1,4 +1,4 @@
-init --config "dab-config.MsSql.json" --database-type mssql --set-session-context true --connection-string "Server=tcp:127.0.0.1,1433;Persist Security Info=False;User ID=sa;Password=REPLACEME;MultipleActiveResultSets=False;Connection Timeout=5;" --host-mode Development --cors-origin "http://localhost:5000" --graphql.multiple-create.enabled true --auth.provider AppService
+init --config "dab-config.MsSql.json" --database-type mssql --set-session-context true --connection-string "Server=tcp:127.0.0.1,1433;Persist Security Info=False;User ID=sa;Password=REPLACEME;MultipleActiveResultSets=False;Connection Timeout=5;" --host-mode Development --cors-origin "http://localhost:5000" --graphql.multiple-create.enabled true
 add Publisher --config "dab-config.MsSql.json" --source publishers --permissions "anonymous:read"
 add Publisher_MM --config "dab-config.MsSql.json" --source publishers_mm --graphql "Publisher_MM:Publishers_MM" --permissions "anonymous:*"
 add Stock --config "dab-config.MsSql.json" --source stocks --permissions "anonymous:create,read,update,delete"
diff --git a/config-generators/mysql-commands.txt b/config-generators/mysql-commands.txt
index 1a6faeb740..9f1e705eee 100644
--- a/config-generators/mysql-commands.txt
+++ b/config-generators/mysql-commands.txt
@@ -1,4 +1,4 @@
-init --config "dab-config.MySql.json" --database-type mysql --connection-string "server=localhost;database=datagatewaytest;uid=root;pwd=REPLACEME" --host-mode Development --cors-origin "http://localhost:5000" --auth.provider AppService
+init --config "dab-config.MySql.json" --database-type mysql --connection-string "server=localhost;database=datagatewaytest;uid=root;pwd=REPLACEME" --host-mode Development --cors-origin "http://localhost:5000"
 add Publisher --config "dab-config.MySql.json" --source publishers --permissions "anonymous:read"
 add Stock --config "dab-config.MySql.json" --source stocks --permissions "anonymous:create,read,update,delete"
 add Book --config "dab-config.MySql.json" --source books --permissions "anonymous:create,read,update,delete" --graphql "book:books"
diff --git a/config-generators/postgresql-commands.txt b/config-generators/postgresql-commands.txt
index ce86ca8316..510d459d54 100644
--- a/config-generators/postgresql-commands.txt
+++ b/config-generators/postgresql-commands.txt
@@ -1,4 +1,4 @@
-init --config "dab-config.PostgreSql.json" --database-type postgresql --connection-string "Host=localhost;Database=datagatewaytest;username=REPLACEME;password=REPLACEME" --host-mode Development --cors-origin "http://localhost:5000" --auth.provider AppService
+init --config "dab-config.PostgreSql.json" --database-type postgresql --connection-string "Host=localhost;Database=datagatewaytest;username=REPLACEME;password=REPLACEME" --host-mode Development --cors-origin "http://localhost:5000"
 add Publisher --config "dab-config.PostgreSql.json" --source publishers --permissions "anonymous:read"
 add Stock --config "dab-config.PostgreSql.json" --source stocks --permissions "anonymous:create,read,update,delete"
 add Book --config "dab-config.PostgreSql.json" --source books --permissions "anonymous:create,read,update,delete" --graphql "book:books"
diff --git a/src/Service.Tests/dab-config.CosmosDb_NoSql.json b/src/Service.Tests/dab-config.CosmosDb_NoSql.json
index 26f2e3fc3c..67009d73b0 100644
--- a/src/Service.Tests/dab-config.CosmosDb_NoSql.json
+++ b/src/Service.Tests/dab-config.CosmosDb_NoSql.json
@@ -28,7 +28,7 @@
         "allow-credentials": false
       },
       "authentication": {
-        "provider": "AppService"
+        "provider": "Unauthenticated"
       },
       "mode": "development"
     },
diff --git a/src/Service.Tests/dab-config.DwSql.json b/src/Service.Tests/dab-config.DwSql.json
index a5eec531b8..5b5eac3cac 100644
--- a/src/Service.Tests/dab-config.DwSql.json
+++ b/src/Service.Tests/dab-config.DwSql.json
@@ -26,7 +26,7 @@
         "allow-credentials": false
       },
       "authentication": {
-        "provider": "AppService"
+        "provider": "Unauthenticated"
       },
       "mode": "development"
     }
diff --git a/src/Service.Tests/dab-config.MsSql.json b/src/Service.Tests/dab-config.MsSql.json
index 157bf87b8c..91cc096132 100644
--- a/src/Service.Tests/dab-config.MsSql.json
+++ b/src/Service.Tests/dab-config.MsSql.json
@@ -36,7 +36,7 @@
         "allow-credentials": false
       },
       "authentication": {
-        "provider": "AppService"
+        "provider": "Unauthenticated"
       },
       "mode": "development"
     }
diff --git a/src/Service.Tests/dab-config.MySql.json b/src/Service.Tests/dab-config.MySql.json
index c08069a5c8..d9a071453b 100644
--- a/src/Service.Tests/dab-config.MySql.json
+++ b/src/Service.Tests/dab-config.MySql.json
@@ -24,7 +24,7 @@
         "allow-credentials": false
       },
       "authentication": {
-        "provider": "AppService"
+        "provider": "Unauthenticated"
       },
       "mode": "development"
     }
diff --git a/src/Service.Tests/dab-config.PostgreSql.json b/src/Service.Tests/dab-config.PostgreSql.json
index 48f9700754..43d9f62c86 100644
--- a/src/Service.Tests/dab-config.PostgreSql.json
+++ b/src/Service.Tests/dab-config.PostgreSql.json
@@ -24,7 +24,7 @@
         "allow-credentials": false
       },
       "authentication": {
-        "provider": "AppService"
+        "provider": "Unauthenticated"
       },
       "mode": "development"
     }

From 684a9c6f637299ae233dadb423e02c9b05684b8d Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Sun, 8 Mar 2026 02:44:17 +0000
Subject: [PATCH 16/18] Update Service.Tests snapshots to use Unauthenticated
 provider

Co-authored-by: Aniruddh25 <3513779+Aniruddh25@users.noreply.github.com>
---
 ...gurationTests.TestReadingRuntimeConfigForCosmos.verified.txt | 2 +-
 ...igurationTests.TestReadingRuntimeConfigForMsSql.verified.txt | 2 +-
 ...igurationTests.TestReadingRuntimeConfigForMySql.verified.txt | 2 +-
 ...tionTests.TestReadingRuntimeConfigForPostgreSql.verified.txt | 2 +-
 .../CorsUnitTests.TestCorsConfigReadCorrectly.verified.txt      | 2 +-
 5 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/src/Service.Tests/Snapshots/ConfigurationTests.TestReadingRuntimeConfigForCosmos.verified.txt b/src/Service.Tests/Snapshots/ConfigurationTests.TestReadingRuntimeConfigForCosmos.verified.txt
index 9279da9d59..0e62a9a576 100644
--- a/src/Service.Tests/Snapshots/ConfigurationTests.TestReadingRuntimeConfigForCosmos.verified.txt
+++ b/src/Service.Tests/Snapshots/ConfigurationTests.TestReadingRuntimeConfigForCosmos.verified.txt
@@ -45,7 +45,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Service.Tests/Snapshots/ConfigurationTests.TestReadingRuntimeConfigForMsSql.verified.txt b/src/Service.Tests/Snapshots/ConfigurationTests.TestReadingRuntimeConfigForMsSql.verified.txt
index 35fd562c87..8521caf5f8 100644
--- a/src/Service.Tests/Snapshots/ConfigurationTests.TestReadingRuntimeConfigForMsSql.verified.txt
+++ b/src/Service.Tests/Snapshots/ConfigurationTests.TestReadingRuntimeConfigForMsSql.verified.txt
@@ -49,7 +49,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Service.Tests/Snapshots/ConfigurationTests.TestReadingRuntimeConfigForMySql.verified.txt b/src/Service.Tests/Snapshots/ConfigurationTests.TestReadingRuntimeConfigForMySql.verified.txt
index 1490309ece..cac24c9fbc 100644
--- a/src/Service.Tests/Snapshots/ConfigurationTests.TestReadingRuntimeConfigForMySql.verified.txt
+++ b/src/Service.Tests/Snapshots/ConfigurationTests.TestReadingRuntimeConfigForMySql.verified.txt
@@ -41,7 +41,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Service.Tests/Snapshots/ConfigurationTests.TestReadingRuntimeConfigForPostgreSql.verified.txt b/src/Service.Tests/Snapshots/ConfigurationTests.TestReadingRuntimeConfigForPostgreSql.verified.txt
index ceba40ae63..e7a19468c1 100644
--- a/src/Service.Tests/Snapshots/ConfigurationTests.TestReadingRuntimeConfigForPostgreSql.verified.txt
+++ b/src/Service.Tests/Snapshots/ConfigurationTests.TestReadingRuntimeConfigForPostgreSql.verified.txt
@@ -41,7 +41,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: AppService
+        Provider: Unauthenticated
       }
     }
   },
diff --git a/src/Service.Tests/Snapshots/CorsUnitTests.TestCorsConfigReadCorrectly.verified.txt b/src/Service.Tests/Snapshots/CorsUnitTests.TestCorsConfigReadCorrectly.verified.txt
index ce6395909b..4b898b41af 100644
--- a/src/Service.Tests/Snapshots/CorsUnitTests.TestCorsConfigReadCorrectly.verified.txt
+++ b/src/Service.Tests/Snapshots/CorsUnitTests.TestCorsConfigReadCorrectly.verified.txt
@@ -3,6 +3,6 @@
     AllowCredentials: false
   },
   Authentication: {
-    Provider: AppService
+    Provider: Unauthenticated
   }
 }
\ No newline at end of file

From 1c13dd558733f3bf19469f9b2db3352de3958365 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Wed, 11 Mar 2026 09:18:00 +0000
Subject: [PATCH 17/18] Fix snapshot tests to use Unauthenticated as default
 provider in test helpers

Co-authored-by: souvikghosh04 <210500244+souvikghosh04@users.noreply.github.com>
---
 src/Cli.Tests/InitTests.cs                     | 18 +++++++++---------
 ...tionProviders_b95b637ea87f16a7.verified.txt |  2 +-
 src/Cli.Tests/TestHelper.cs                    |  2 +-
 src/Cli.Tests/UpdateEntityTests.cs             |  2 +-
 4 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/src/Cli.Tests/InitTests.cs b/src/Cli.Tests/InitTests.cs
index 96ba1ad66b..7b488fa230 100644
--- a/src/Cli.Tests/InitTests.cs
+++ b/src/Cli.Tests/InitTests.cs
@@ -49,7 +49,7 @@ public Task MsSQLDatabase()
                 setSessionContext: true,
                 hostMode: HostMode.Development,
                 corsOrigin: new List<string>() { "http://localhost:3000", "http://nolocalhost:80" },
-                authenticationProvider: EasyAuthType.AppService.ToString(),
+                authenticationProvider: "Unauthenticated",
                 restPath: "rest-api",
                 config: TEST_RUNTIME_CONFIG_FILE);
 
@@ -71,7 +71,7 @@ public Task CosmosDbPostgreSqlDatabase()
                 setSessionContext: false,
                 hostMode: HostMode.Development,
                 corsOrigin: new List<string>() { "http://localhost:3000", "http://nolocalhost:80" },
-                authenticationProvider: EasyAuthType.AppService.ToString(),
+                authenticationProvider: "Unauthenticated",
                 restPath: "/rest-endpoint",
                 config: TEST_RUNTIME_CONFIG_FILE);
 
@@ -94,7 +94,7 @@ public Task TestInitializingConfigWithoutConnectionString()
                 setSessionContext: false,
                 hostMode: HostMode.Development,
                 corsOrigin: new List<string>() { "http://localhost:3000", "http://nolocalhost:80" },
-                authenticationProvider: EasyAuthType.AppService.ToString(),
+                authenticationProvider: "Unauthenticated",
                 config: TEST_RUNTIME_CONFIG_FILE);
 
             return ExecuteVerifyTest(options);
@@ -118,7 +118,7 @@ public Task CosmosDbNoSqlDatabase()
                 setSessionContext: false,
                 hostMode: HostMode.Production,
                 corsOrigin: null,
-                authenticationProvider: EasyAuthType.AppService.ToString(),
+                authenticationProvider: "Unauthenticated",
                 config: TEST_RUNTIME_CONFIG_FILE);
 
             return ExecuteVerifyTest(options);
@@ -245,7 +245,7 @@ public Task TestSpecialCharactersInConnectionString()
                 setSessionContext: false,
                 hostMode: HostMode.Production,
                 corsOrigin: null,
-                authenticationProvider: EasyAuthType.AppService.ToString(),
+                authenticationProvider: "Unauthenticated",
                 config: TEST_RUNTIME_CONFIG_FILE);
 
             return ExecuteVerifyTest(options);
@@ -385,7 +385,7 @@ public Task RestPathWithoutStartingSlashWillHaveItAdded()
                 setSessionContext: false,
                 hostMode: HostMode.Production,
                 corsOrigin: null,
-                authenticationProvider: EasyAuthType.AppService.ToString(),
+                authenticationProvider: "Unauthenticated",
                 restPath: "abc",
                 config: TEST_RUNTIME_CONFIG_FILE);
 
@@ -404,7 +404,7 @@ public Task GraphQLPathWithoutStartingSlashWillHaveItAdded()
                 setSessionContext: false,
                 hostMode: HostMode.Production,
                 corsOrigin: null,
-                authenticationProvider: EasyAuthType.AppService.ToString(),
+                authenticationProvider: "Unauthenticated",
                 graphQLPath: "abc",
                 config: TEST_RUNTIME_CONFIG_FILE);
 
@@ -467,7 +467,7 @@ public Task VerifyCorrectConfigGenerationWithMultipleMutationOptions(DatabaseTyp
                 setSessionContext: true,
                 hostMode: HostMode.Development,
                 corsOrigin: new List<string>() { "http://localhost:3000", "http://nolocalhost:80" },
-                authenticationProvider: EasyAuthType.AppService.ToString(),
+                authenticationProvider: "Unauthenticated",
                 restPath: "rest-api",
                 config: TEST_RUNTIME_CONFIG_FILE,
                 multipleCreateOperationEnabled: isMultipleCreateEnabled);
@@ -483,7 +483,7 @@ public Task VerifyCorrectConfigGenerationWithMultipleMutationOptions(DatabaseTyp
                 setSessionContext: true,
                 hostMode: HostMode.Development,
                 corsOrigin: new List<string>() { "http://localhost:3000", "http://nolocalhost:80" },
-                authenticationProvider: EasyAuthType.AppService.ToString(),
+                authenticationProvider: "Unauthenticated",
                 restPath: "rest-api",
                 config: TEST_RUNTIME_CONFIG_FILE,
                 multipleCreateOperationEnabled: isMultipleCreateEnabled);
diff --git a/src/Cli.Tests/Snapshots/InitTests.EnsureCorrectConfigGenerationWithDifferentAuthenticationProviders_b95b637ea87f16a7.verified.txt b/src/Cli.Tests/Snapshots/InitTests.EnsureCorrectConfigGenerationWithDifferentAuthenticationProviders_b95b637ea87f16a7.verified.txt
index c22463b483..25e3976685 100644
--- a/src/Cli.Tests/Snapshots/InitTests.EnsureCorrectConfigGenerationWithDifferentAuthenticationProviders_b95b637ea87f16a7.verified.txt
+++ b/src/Cli.Tests/Snapshots/InitTests.EnsureCorrectConfigGenerationWithDifferentAuthenticationProviders_b95b637ea87f16a7.verified.txt
@@ -41,7 +41,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: Unauthenticated
+        Provider: AppService
       },
       Mode: Production
     }
diff --git a/src/Cli.Tests/TestHelper.cs b/src/Cli.Tests/TestHelper.cs
index a75e359ee4..28f669ecc7 100644
--- a/src/Cli.Tests/TestHelper.cs
+++ b/src/Cli.Tests/TestHelper.cs
@@ -170,7 +170,7 @@ public static Process ExecuteDabCommand(string command, string flags)
                       ""allow-credentials"": false
                   },
                   ""authentication"": {
-                      ""provider"": ""AppService""
+                      ""provider"": ""Unauthenticated""
                   }
               }
           }";
diff --git a/src/Cli.Tests/UpdateEntityTests.cs b/src/Cli.Tests/UpdateEntityTests.cs
index effea1fa68..42f78ab126 100644
--- a/src/Cli.Tests/UpdateEntityTests.cs
+++ b/src/Cli.Tests/UpdateEntityTests.cs
@@ -1211,7 +1211,7 @@ private static string GetInitialConfigString()
                                     ""allow-credentials"": false
                                 },
                                 ""authentication"": {
-                                    ""provider"": ""AppService"",
+                                    ""provider"": ""Unauthenticated"",
                                     ""jwt"": {
                                     ""audience"": """",
                                     ""issuer"": """"

From 78e347624ab77dd2b735fef6fa70699e1a6e4c3e Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Wed, 11 Mar 2026 10:31:00 +0000
Subject: [PATCH 18/18] Revert integration test config files to use AppService
 - Unauthenticated breaks role-based policy tests

Co-authored-by: souvikghosh04 <210500244+souvikghosh04@users.noreply.github.com>
---
 ...gurationTests.TestReadingRuntimeConfigForCosmos.verified.txt | 2 +-
 ...igurationTests.TestReadingRuntimeConfigForMsSql.verified.txt | 2 +-
 ...igurationTests.TestReadingRuntimeConfigForMySql.verified.txt | 2 +-
 ...tionTests.TestReadingRuntimeConfigForPostgreSql.verified.txt | 2 +-
 .../CorsUnitTests.TestCorsConfigReadCorrectly.verified.txt      | 2 +-
 src/Service.Tests/dab-config.CosmosDb_NoSql.json                | 2 +-
 src/Service.Tests/dab-config.DwSql.json                         | 2 +-
 src/Service.Tests/dab-config.MsSql.json                         | 2 +-
 src/Service.Tests/dab-config.MySql.json                         | 2 +-
 src/Service.Tests/dab-config.PostgreSql.json                    | 2 +-
 10 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/src/Service.Tests/Snapshots/ConfigurationTests.TestReadingRuntimeConfigForCosmos.verified.txt b/src/Service.Tests/Snapshots/ConfigurationTests.TestReadingRuntimeConfigForCosmos.verified.txt
index 0e62a9a576..9279da9d59 100644
--- a/src/Service.Tests/Snapshots/ConfigurationTests.TestReadingRuntimeConfigForCosmos.verified.txt
+++ b/src/Service.Tests/Snapshots/ConfigurationTests.TestReadingRuntimeConfigForCosmos.verified.txt
@@ -45,7 +45,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: Unauthenticated
+        Provider: AppService
       }
     }
   },
diff --git a/src/Service.Tests/Snapshots/ConfigurationTests.TestReadingRuntimeConfigForMsSql.verified.txt b/src/Service.Tests/Snapshots/ConfigurationTests.TestReadingRuntimeConfigForMsSql.verified.txt
index 8521caf5f8..35fd562c87 100644
--- a/src/Service.Tests/Snapshots/ConfigurationTests.TestReadingRuntimeConfigForMsSql.verified.txt
+++ b/src/Service.Tests/Snapshots/ConfigurationTests.TestReadingRuntimeConfigForMsSql.verified.txt
@@ -49,7 +49,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: Unauthenticated
+        Provider: AppService
       }
     }
   },
diff --git a/src/Service.Tests/Snapshots/ConfigurationTests.TestReadingRuntimeConfigForMySql.verified.txt b/src/Service.Tests/Snapshots/ConfigurationTests.TestReadingRuntimeConfigForMySql.verified.txt
index cac24c9fbc..1490309ece 100644
--- a/src/Service.Tests/Snapshots/ConfigurationTests.TestReadingRuntimeConfigForMySql.verified.txt
+++ b/src/Service.Tests/Snapshots/ConfigurationTests.TestReadingRuntimeConfigForMySql.verified.txt
@@ -41,7 +41,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: Unauthenticated
+        Provider: AppService
       }
     }
   },
diff --git a/src/Service.Tests/Snapshots/ConfigurationTests.TestReadingRuntimeConfigForPostgreSql.verified.txt b/src/Service.Tests/Snapshots/ConfigurationTests.TestReadingRuntimeConfigForPostgreSql.verified.txt
index e7a19468c1..ceba40ae63 100644
--- a/src/Service.Tests/Snapshots/ConfigurationTests.TestReadingRuntimeConfigForPostgreSql.verified.txt
+++ b/src/Service.Tests/Snapshots/ConfigurationTests.TestReadingRuntimeConfigForPostgreSql.verified.txt
@@ -41,7 +41,7 @@
         AllowCredentials: false
       },
       Authentication: {
-        Provider: Unauthenticated
+        Provider: AppService
       }
     }
   },
diff --git a/src/Service.Tests/Snapshots/CorsUnitTests.TestCorsConfigReadCorrectly.verified.txt b/src/Service.Tests/Snapshots/CorsUnitTests.TestCorsConfigReadCorrectly.verified.txt
index 4b898b41af..ce6395909b 100644
--- a/src/Service.Tests/Snapshots/CorsUnitTests.TestCorsConfigReadCorrectly.verified.txt
+++ b/src/Service.Tests/Snapshots/CorsUnitTests.TestCorsConfigReadCorrectly.verified.txt
@@ -3,6 +3,6 @@
     AllowCredentials: false
   },
   Authentication: {
-    Provider: Unauthenticated
+    Provider: AppService
   }
 }
\ No newline at end of file
diff --git a/src/Service.Tests/dab-config.CosmosDb_NoSql.json b/src/Service.Tests/dab-config.CosmosDb_NoSql.json
index 67009d73b0..26f2e3fc3c 100644
--- a/src/Service.Tests/dab-config.CosmosDb_NoSql.json
+++ b/src/Service.Tests/dab-config.CosmosDb_NoSql.json
@@ -28,7 +28,7 @@
         "allow-credentials": false
       },
       "authentication": {
-        "provider": "Unauthenticated"
+        "provider": "AppService"
       },
       "mode": "development"
     },
diff --git a/src/Service.Tests/dab-config.DwSql.json b/src/Service.Tests/dab-config.DwSql.json
index 5b5eac3cac..a5eec531b8 100644
--- a/src/Service.Tests/dab-config.DwSql.json
+++ b/src/Service.Tests/dab-config.DwSql.json
@@ -26,7 +26,7 @@
         "allow-credentials": false
       },
       "authentication": {
-        "provider": "Unauthenticated"
+        "provider": "AppService"
       },
       "mode": "development"
     }
diff --git a/src/Service.Tests/dab-config.MsSql.json b/src/Service.Tests/dab-config.MsSql.json
index 91cc096132..157bf87b8c 100644
--- a/src/Service.Tests/dab-config.MsSql.json
+++ b/src/Service.Tests/dab-config.MsSql.json
@@ -36,7 +36,7 @@
         "allow-credentials": false
       },
       "authentication": {
-        "provider": "Unauthenticated"
+        "provider": "AppService"
       },
       "mode": "development"
     }
diff --git a/src/Service.Tests/dab-config.MySql.json b/src/Service.Tests/dab-config.MySql.json
index d9a071453b..c08069a5c8 100644
--- a/src/Service.Tests/dab-config.MySql.json
+++ b/src/Service.Tests/dab-config.MySql.json
@@ -24,7 +24,7 @@
         "allow-credentials": false
       },
       "authentication": {
-        "provider": "Unauthenticated"
+        "provider": "AppService"
       },
       "mode": "development"
     }
diff --git a/src/Service.Tests/dab-config.PostgreSql.json b/src/Service.Tests/dab-config.PostgreSql.json
index 43d9f62c86..48f9700754 100644
--- a/src/Service.Tests/dab-config.PostgreSql.json
+++ b/src/Service.Tests/dab-config.PostgreSql.json
@@ -24,7 +24,7 @@
         "allow-credentials": false
       },
       "authentication": {
-        "provider": "Unauthenticated"
+        "provider": "AppService"
       },
       "mode": "development"
     }