diff --git a/packages/ms-authenticator/src/authenticators/MsAuthenticator.ts b/packages/ms-authenticator/src/authenticators/MsAuthenticator.ts
index 65a9fbb9d..d55bf545c 100644
--- a/packages/ms-authenticator/src/authenticators/MsAuthenticator.ts
+++ b/packages/ms-authenticator/src/authenticators/MsAuthenticator.ts
@@ -3,6 +3,20 @@ import { IMsAuthenticationClientCredentialArgs, IMsAuthenticationUsernamePasswor
 
 import { fetch } from 'cross-fetch'
 
+const EU = 'EU'
+
+const HTTP_METHOD_GET = 'GET';
+
+const MS_IDENTITY_HOST_NAME_NONE_EU = 'https://beta.did.msidentity.com/v1.0/';
+const MS_IDENTITY_HOST_NAME_EU = 'https://beta.eu.did.msidentity.com/v1.0/';
+const MS_LOGIN_PREFIX = 'https://login.microsoftonline.com/';
+const MS_LOGIN_OPENID_CONFIG_POSTFIX = '/v2.0/.well-known/openid-configuration';
+const MS_CLIENT_CREDENTIAL_DEFAULT_SCOPE = '3db474b9-6a0c-4840-96ac-1fceb342124f/.default';
+
+const ERROR_CREDENTIAL_MANIFEST_REGION = `Error in config file. CredentialManifest URL configured for wrong tenant region. Should start with:`;
+const ERROR_ACQUIRE_ACCESS_TOKEN_FOR_CLIENT = 'Could not acquire credentials to access your Azure Key Vault:\n'
+const ERROR_FAILED_AUTHENTICATION = 'failed to authenticate: ';
+
 /**
  * necessary fields are:
  *   azClientId: clientId of the application you're trying to login
@@ -17,7 +31,7 @@ export async function ClientCredentialAuthenticator(authenticationArgs: IMsAuthe
   const msalConfig = {
     auth: {
       clientId: authenticationArgs.azClientId,
-      authority: authenticationArgs.authority ? authenticationArgs.authority : 'https://login.microsoftonline.com/' + authenticationArgs.azTenantId,
+      authority: authenticationArgs.authority ? authenticationArgs.authority : MS_LOGIN_PREFIX + authenticationArgs.azTenantId,
       clientSecret: authenticationArgs.azClientSecret,
     },
     system: {
@@ -30,19 +44,19 @@ export async function ClientCredentialAuthenticator(authenticationArgs: IMsAuthe
 
   const cca = new ConfidentialClientApplication(msalConfig)
   const msalClientCredentialRequest = {
-    scopes: authenticationArgs.scopes ? authenticationArgs.scopes : ['3db474b9-6a0c-4840-96ac-1fceb342124f/.default'],
+    scopes: authenticationArgs.scopes ? authenticationArgs.scopes : [MS_CLIENT_CREDENTIAL_DEFAULT_SCOPE],
     skipCache: authenticationArgs.skipCache ? authenticationArgs.skipCache : false
   }
-  await fetch('https://login.microsoftonline.com/' + authenticationArgs.azTenantId + '/v2.0/.well-known/openid-configuration', {method: 'GET'})
+  await fetch(MS_LOGIN_PREFIX + authenticationArgs.azTenantId + MS_LOGIN_OPENID_CONFIG_POSTFIX, {method: HTTP_METHOD_GET})
   .then((res) => res.json())
   .then(async (resp) => {
-    let msIdentityHostName = 'https://beta.did.msidentity.com/v1.0/'
-    if (resp.tenant_region_scope == 'EU') {
-      msIdentityHostName = 'https://beta.eu.did.msidentity.com/v1.0/'
+    let msIdentityHostName =  MS_IDENTITY_HOST_NAME_NONE_EU;
+    if (resp.tenant_region_scope == EU) {
+      msIdentityHostName = MS_IDENTITY_HOST_NAME_EU;
     }
     // Check that the Credential Manifest URL is in the same tenant Region and throw an error if it's not
-    if (!authenticationArgs.credentialManifest.startsWith(msIdentityHostName)) {
-      throw new Error(`Error in config file. CredentialManifest URL configured for wrong tenant region. Should start with:` + msIdentityHostName)
+    if (!authenticationArgs.credentialManifestUrl.startsWith(msIdentityHostName)) {
+      throw new Error(ERROR_CREDENTIAL_MANIFEST_REGION + msIdentityHostName)
     }
 
     // get the Access Token
@@ -53,7 +67,7 @@ export async function ClientCredentialAuthenticator(authenticationArgs: IMsAuthe
       }
     } catch {
       throw {
-        error: 'Could not acquire credentials to access your Azure Key Vault:\n' + JSON.stringify(resp),
+        error: ERROR_ACQUIRE_ACCESS_TOKEN_FOR_CLIENT + JSON.stringify(resp),
       }
     }
     return ''
@@ -70,7 +84,7 @@ export async function UsernamePasswordAuthenticator(authenticationArgs: IMsAuthe
   const msalConfig = {
     auth: {
       clientId: authenticationArgs.azClientId,
-      authority: authenticationArgs.authority ? authenticationArgs.authority : 'https://login.microsoftonline.com/' + authenticationArgs.azTenantId,
+      authority: authenticationArgs.authority ? authenticationArgs.authority : MS_LOGIN_PREFIX + authenticationArgs.azTenantId,
     },
   }
   const pca = new PublicClientApplication(msalConfig)
@@ -80,6 +94,6 @@ export async function UsernamePasswordAuthenticator(authenticationArgs: IMsAuthe
     return response
   })
   .catch((error: any) => {
-    throw new Error("failed to authenticate: " + error)
+    throw new Error(ERROR_FAILED_AUTHENTICATION + error)
   })
 }