From a32f86e40dc70832371171fc132901915d5d1091 Mon Sep 17 00:00:00 2001
From: Keepers <ryanfkeepers@gmail.com>
Date: Mon, 17 Oct 2022 14:47:04 -0600
Subject: [PATCH] migrate naming of azure env vars (#1176)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

## Description

migrates the client_id, client_secret, and tenant_id
environment variables to versions prepended with
azure_*.

⚠️  Your local environment will need to change in the following ways:  ⚠️
1. prepend `AZURE_` to your clientID, clientSecret, and tenantID env vars.
2. update those same env references in any `.corso.env` files used for copying envs to docker containers.
3. in `.corso.toml` (and any variants such as .corso_test.toml), replace `tenantid` with `azure_tenantid`.

## Type of change

- [x] :hamster: Trivial/Minor

## Issue(s)

* #558

## Test Plan

- [x] :muscle: Manual
- [x] :zap: Unit test
- [x] :green_heart: E2E
---
 .github/workflows/ci.yml                      |  6 +--
 .github/workflows/ci_test_cleanup.yml         |  6 +--
 .github/workflows/load_test.yml               | 14 +++----
 design/cli.md                                 |  8 ++--
 docs/docs/configuration/m365_access.md        |  6 +--
 docs/docs/developers/testing.md               |  6 +--
 docs/docs/install.md                          |  6 +--
 src/cli/config/account.go                     | 17 ++++----
 src/cli/config/config.go                      |  6 +--
 src/cli/config/config_test.go                 | 40 +++++++++----------
 src/cli/help/env.go                           |  4 +-
 src/cmd/factory/factory.go                    |  6 +--
 src/cmd/purge/purge.go                        |  4 +-
 .../exchange/contact_folder_cache_test.go     |  1 +
 .../exchange/event_calendar_cache_test.go     |  1 +
 .../exchange/exchange_service_test.go         | 17 ++++----
 .../connector/exchange/iterators_test.go      |  1 +
 .../exchange/mail_folder_cache_test.go        |  1 +
 .../connector/exchange/service_functions.go   | 10 ++---
 .../exchange/service_functions_test.go        |  1 +
 .../connector/exchange/service_iterators.go   |  4 +-
 src/internal/connector/graph_connector.go     | 10 ++---
 .../graph_connector_disconnected_test.go      |  6 +--
 .../connector/graph_connector_test.go         |  1 +
 src/internal/connector/onedrive/drive.go      |  6 ++-
 src/internal/connector/onedrive/drive_test.go |  6 +--
 src/internal/connector/onedrive/item_test.go  |  3 +-
 src/internal/events/events_test.go            |  6 +--
 src/internal/tester/account.go                |  8 ++--
 src/internal/tester/config.go                 |  4 +-
 src/internal/tester/integration_runners.go    | 28 +++++++------
 src/pkg/account/m365.go                       | 30 +++++++-------
 src/pkg/account/m365_test.go                  | 30 +++++++-------
 src/pkg/credentials/m365.go                   | 16 ++++----
 34 files changed, 167 insertions(+), 152 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 2ce623da8..7714e3023 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -135,12 +135,12 @@ jobs:
       # run the tests
       - name: Integration Tests
         env:
-          CLIENT_ID: ${{ secrets.CLIENT_ID }}
-          CLIENT_SECRET: ${{ secrets.CLIENT_SECRET }}
+          AZURE_CLIENT_ID: ${{ secrets.CLIENT_ID }}
+          AZURE_CLIENT_SECRET: ${{ secrets.CLIENT_SECRET }}
+          AZURE_TENANT_ID: ${{ secrets.TENANT_ID }}
           CORSO_CI_TESTS: true 
           CORSO_M356_TEST_USER_ID: ${{ secrets.CORSO_M356_TEST_USER_ID }}
           CORSO_PASSPHRASE: ${{ secrets.INTEGRATION_TEST_CORSO_PASSPHRASE }}
-          TENANT_ID: ${{ secrets.TENANT_ID }}
         run: |
           set -euo pipefail
           go test \
diff --git a/.github/workflows/ci_test_cleanup.yml b/.github/workflows/ci_test_cleanup.yml
index a8feca884..7886ffbd1 100644
--- a/.github/workflows/ci_test_cleanup.yml
+++ b/.github/workflows/ci_test_cleanup.yml
@@ -31,11 +31,11 @@ jobs:
       - name: Purge folders
         working-directory: ./src
         env:
-          CLIENT_ID: ${{ secrets.CLIENT_ID }}
-          CLIENT_SECRET: ${{ secrets.CLIENT_SECRET }}
+          AZURE_CLIENT_ID: ${{ secrets.CLIENT_ID }}
+          AZURE_CLIENT_SECRET: ${{ secrets.CLIENT_SECRET }}
+          AZURE_TENANT_ID: ${{ secrets.TENANT_ID }}
           CORSO_M356_TEST_USER_ID: ${{ secrets.CORSO_M356_TEST_USER_ID }}
           DELETE_FOLDER_PREFIX: "Corso_Restore_"
-          TENANT_ID: ${{ secrets.TENANT_ID }}
         run: >
           go run ./cmd/purge/purge.go
           --user ${{ secrets.CORSO_M356_TEST_USER_ID }}
diff --git a/.github/workflows/load_test.yml b/.github/workflows/load_test.yml
index 750f20c0e..d9ff4d0bf 100644
--- a/.github/workflows/load_test.yml
+++ b/.github/workflows/load_test.yml
@@ -48,11 +48,11 @@ jobs:
       # run the tests
       - name: Integration Tests
         env:
-          CORSO_LOAD_TESTS: true 
-          CLIENT_ID: ${{ secrets.CLIENT_ID }}
-          CLIENT_SECRET: ${{ secrets.CLIENT_SECRET }}
+          AZURE_CLIENT_ID: ${{ secrets.CLIENT_ID }}
+          AZURE_CLIENT_SECRET: ${{ secrets.CLIENT_SECRET }}
+          AZURE_TENANT_ID: ${{ secrets.TENANT_ID }}
           CORSO_PASSPHRASE: ${{ secrets.INTEGRATION_TEST_CORSO_PASSPHRASE }}
-          TENANT_ID: ${{ secrets.TENANT_ID }}
+          CORSO_LOAD_TESTS: true 
         run: |
           set -euo pipefail
           go test       \
@@ -84,10 +84,10 @@ jobs:
         if: always()
         working-directory: ./src
         env:
-          CLIENT_ID: ${{ secrets.CLIENT_ID }}
-          CLIENT_SECRET: ${{ secrets.CLIENT_SECRET }}
+          AZURE_CLIENT_ID: ${{ secrets.CLIENT_ID }}
+          AZURE_CLIENT_SECRET: ${{ secrets.CLIENT_SECRET }}
+          AZURE_TENANT_ID: ${{ secrets.TENANT_ID }}
           DELETE_FOLDER_PREFIX: "Corso_Restore_"
-          TENANT_ID: ${{ secrets.TENANT_ID }}
         run: >
           go run ./cmd/purge/purge.go
           --user '*'
diff --git a/design/cli.md b/design/cli.md
index 98cade417..9d2cc4166 100644
--- a/design/cli.md
+++ b/design/cli.md
@@ -37,8 +37,8 @@ Standard format:
 | --- | --- | --- | --- | --- |
 | repo | * |  |  | Same as `repo [*] --help`. |
 | repo | init | {repository} |  | Initialize a Corso repository. |
-| repo | init | {repository} | —tenant {tenant_id} | Provides the account’s tenant ID. |
-| repo | init | {repository} | —client {client_id} | Provides the account’s client ID. |
+| repo | init | {repository} | —tenant {azure_tenant_id} | Provides the account’s tenant ID. |
+| repo | init | {repository} | —client {azure_client_id} | Provides the account’s client ID. |
 | repo | connect | {repository} |  | Connects to the specified repo. |
 | repo | configure | {repository} |  | Sets mutable config properties to the provided values. |
 | repo | * | * | —config {cfg_file_path} | Specify a repo configuration file.  Values may also be provided via individual flags and env vars. |
@@ -68,10 +68,10 @@ Standard format:
 **First Run**
 
 ```bash
-$ export O365_SECRET=my_0365_secret
+$ export AZURE_CLIENT_SECRET=my_azure_secret
 $ export AWS_SECRET_ACCESS_KEY=my_s3_secret
 $ corso repo init s3 --bucket my_s3_bucket --access-key my_s3_key \
-		--tenant my_m365_acct --clientid my_m365_client_id
+		--tenant my_azure_tenant_id --clientid my_azure_client_id
 $ corso backup express
 ```
 
diff --git a/docs/docs/configuration/m365_access.md b/docs/docs/configuration/m365_access.md
index 08099ecb0..c955fc226 100644
--- a/docs/docs/configuration/m365_access.md
+++ b/docs/docs/configuration/m365_access.md
@@ -60,8 +60,8 @@ To extract the tenant and client ID, select Overview from the app management pan
 environment variables.
 
 ```bash
-export TENANT_ID=<Directory (tenent) ID for configured app>
-export CLIENT_ID=<Application (client) ID for configured app>
+export AZURE_TENANT_ID=<Directory (tenent) ID for configured app>
+export AZURE_CLIENT_ID=<Application (client) ID for configured app>
 ```
 
 <img src="/img/m365app_ids.png" className="guideImages"/>
@@ -75,7 +75,7 @@ Click **New Client Secret** and follow the instructions to create a secret. Afte
 value right away because it won't be available later and export it as an environment variable.
 
 ```bash
-export CLIENT_SECRET=<client secret value>
+export AZURE_CLIENT_SECRET=<client secret value>
 ```
 
 <img src="/img/m365app_secret.png" className="guideImages"/>
diff --git a/docs/docs/developers/testing.md b/docs/docs/developers/testing.md
index e2e64b44e..7ab0a9c40 100644
--- a/docs/docs/developers/testing.md
+++ b/docs/docs/developers/testing.md
@@ -33,9 +33,9 @@
     > You can find more information on how to get these values in [configuration docs](/configuration/m365_access).
 
     ```bash
-    export TENANT_ID=<tenant>
-    export CLIENT_ID=<id>
-    export CLIENT_SECRET=<secret>
+    export AZURE_CLIENT_ID=<id>
+    export AZURE_CLIENT_SECRET=<secret>
+    export AZURE_TENANT_ID=<tenant>
     ```
 
 ## Running tests
diff --git a/docs/docs/install.md b/docs/docs/install.md
index 65116e4ea..007223d93 100644
--- a/docs/docs/install.md
+++ b/docs/docs/install.md
@@ -36,9 +36,9 @@ To create the environment variables file, you can run the following.
 # create an env vars file
 $ cat <<EOF ~/.corso/corso.env 
 CORSO_PASSPHRASE
-TENANT_ID
-CLIENT_ID
-CLIENT_SECRET
+AZURE_TENANT_ID
+AZURE_CLIENT_ID
+AZURE_CLIENT_SECRET
 AWS_ACCESS_KEY_ID
 AWS_SECRET_ACCESS_KEY
 AWS_SESSION_TOKEN
diff --git a/src/cli/config/account.go b/src/cli/config/account.go
index fdc882f58..b78954ee9 100644
--- a/src/cli/config/account.go
+++ b/src/cli/config/account.go
@@ -21,14 +21,14 @@ func m365ConfigsFromViper(vpr *viper.Viper) (account.M365Config, error) {
 		return m365, errors.New("unsupported account provider: " + providerType)
 	}
 
-	m365.TenantID = vpr.GetString(TenantIDKey)
+	m365.AzureTenantID = vpr.GetString(AzureTenantIDKey)
 
 	return m365, nil
 }
 
 func m365Overrides(in map[string]string) map[string]string {
 	return map[string]string{
-		account.TenantID:       in[account.TenantID],
+		account.AzureTenantID:  in[account.AzureTenantID],
 		AccountProviderTypeKey: in[AccountProviderTypeKey],
 	}
 }
@@ -64,15 +64,18 @@ func configureAccount(
 	}
 
 	m365Cfg = account.M365Config{
-		M365:     m365,
-		TenantID: common.First(overrides[account.TenantID], m365Cfg.TenantID, os.Getenv(account.TenantID)),
+		M365: m365,
+		AzureTenantID: common.First(
+			overrides[account.AzureTenantID],
+			m365Cfg.AzureTenantID,
+			os.Getenv(account.AzureTenantID)),
 	}
 
 	// ensure required properties are present
 	if err := utils.RequireProps(map[string]string{
-		credentials.ClientID:     m365Cfg.ClientID,
-		credentials.ClientSecret: m365Cfg.ClientSecret,
-		account.TenantID:         m365Cfg.TenantID,
+		credentials.AzureClientID:     m365Cfg.AzureClientID,
+		credentials.AzureClientSecret: m365Cfg.AzureClientSecret,
+		account.AzureTenantID:         m365Cfg.AzureTenantID,
 	}); err != nil {
 		return acct, err
 	}
diff --git a/src/cli/config/config.go b/src/cli/config/config.go
index 2c1c899db..8c140e856 100644
--- a/src/cli/config/config.go
+++ b/src/cli/config/config.go
@@ -26,7 +26,7 @@ const (
 
 	// M365 config
 	AccountProviderTypeKey = "account_provider"
-	TenantIDKey            = "tenantid"
+	AzureTenantIDKey       = "azure_tenantid"
 )
 
 var (
@@ -198,7 +198,7 @@ func writeRepoConfigWithViper(vpr *viper.Viper, s3Config storage.S3Config, m365C
 	vpr.Set(PrefixKey, s3Config.Prefix)
 
 	vpr.Set(AccountProviderTypeKey, account.ProviderM365.String())
-	vpr.Set(TenantIDKey, m365Config.TenantID)
+	vpr.Set(AzureTenantIDKey, m365Config.AzureTenantID)
 
 	if err := vpr.SafeWriteConfig(); err != nil {
 		if _, ok := err.(viper.ConfigFileAlreadyExistsError); ok {
@@ -266,7 +266,7 @@ func getStorageAndAccountWithViper(
 // ---------------------------------------------------------------------------
 
 var constToTomlKeyMap = map[string]string{
-	account.TenantID:       TenantIDKey,
+	account.AzureTenantID:  AzureTenantIDKey,
 	AccountProviderTypeKey: AccountProviderTypeKey,
 	storage.Bucket:         BucketNameKey,
 	storage.Endpoint:       EndpointKey,
diff --git a/src/cli/config/config_test.go b/src/cli/config/config_test.go
index 073709e40..a59a5f69e 100644
--- a/src/cli/config/config_test.go
+++ b/src/cli/config/config_test.go
@@ -25,7 +25,7 @@ const (
 ` + PrefixKey + ` = 'test-prefix/'
 ` + StorageProviderTypeKey + ` = 'S3'
 ` + AccountProviderTypeKey + ` = 'M365'
-` + TenantIDKey + ` = '%s'
+` + AzureTenantIDKey + ` = '%s'
 `
 )
 
@@ -66,7 +66,7 @@ func (suite *ConfigSuite) TestReadRepoConfigBasic() {
 
 	m365, err := m365ConfigsFromViper(vpr)
 	require.NoError(t, err)
-	assert.Equal(t, tID, m365.TenantID)
+	assert.Equal(t, tID, m365.AzureTenantID)
 }
 
 func (suite *ConfigSuite) TestWriteReadConfig() {
@@ -85,7 +85,7 @@ func (suite *ConfigSuite) TestWriteReadConfig() {
 	require.NoError(t, initWithViper(vpr, testConfigFilePath), "initializing repo config")
 
 	s3Cfg := storage.S3Config{Bucket: bkt}
-	m365 := account.M365Config{TenantID: tid}
+	m365 := account.M365Config{AzureTenantID: tid}
 
 	require.NoError(t, writeRepoConfigWithViper(vpr, s3Cfg, m365), "writing repo config")
 	require.NoError(t, vpr.ReadInConfig(), "reading repo config")
@@ -96,7 +96,7 @@ func (suite *ConfigSuite) TestWriteReadConfig() {
 
 	readM365, err := m365ConfigsFromViper(vpr)
 	require.NoError(t, err)
-	assert.Equal(t, readM365.TenantID, m365.TenantID)
+	assert.Equal(t, readM365.AzureTenantID, m365.AzureTenantID)
 }
 
 func (suite *ConfigSuite) TestMustMatchConfig() {
@@ -115,7 +115,7 @@ func (suite *ConfigSuite) TestMustMatchConfig() {
 	require.NoError(t, initWithViper(vpr, testConfigFilePath), "initializing repo config")
 
 	s3Cfg := storage.S3Config{Bucket: bkt}
-	m365 := account.M365Config{TenantID: tid}
+	m365 := account.M365Config{AzureTenantID: tid}
 
 	require.NoError(t, writeRepoConfigWithViper(vpr, s3Cfg, m365), "writing repo config")
 	require.NoError(t, vpr.ReadInConfig(), "reading repo config")
@@ -128,16 +128,16 @@ func (suite *ConfigSuite) TestMustMatchConfig() {
 		{
 			name: "full match",
 			input: map[string]string{
-				storage.Bucket:   bkt,
-				account.TenantID: tid,
+				storage.Bucket:        bkt,
+				account.AzureTenantID: tid,
 			},
 			errCheck: assert.NoError,
 		},
 		{
 			name: "empty values",
 			input: map[string]string{
-				storage.Bucket:   "",
-				account.TenantID: "",
+				storage.Bucket:        "",
+				account.AzureTenantID: "",
 			},
 			errCheck: assert.NoError,
 		},
@@ -162,8 +162,8 @@ func (suite *ConfigSuite) TestMustMatchConfig() {
 		{
 			name: "mismatch",
 			input: map[string]string{
-				storage.Bucket:   tid,
-				account.TenantID: bkt,
+				storage.Bucket:        tid,
+				account.AzureTenantID: bkt,
 			},
 			errCheck: assert.Error,
 		},
@@ -221,7 +221,7 @@ func (suite *ConfigIntegrationSuite) TestGetStorageAndAccount() {
 		Endpoint: end,
 		Prefix:   pfx,
 	}
-	m365 := account.M365Config{TenantID: tid}
+	m365 := account.M365Config{AzureTenantID: tid}
 
 	require.NoError(t, writeRepoConfigWithViper(vpr, s3Cfg, m365), "writing repo config")
 	require.NoError(t, vpr.ReadInConfig(), "reading repo config")
@@ -241,9 +241,9 @@ func (suite *ConfigIntegrationSuite) TestGetStorageAndAccount() {
 
 	readM365, err := ac.M365Config()
 	require.NoError(t, err, "reading m365 config from account")
-	assert.Equal(t, readM365.TenantID, m365.TenantID)
-	assert.Equal(t, readM365.ClientID, os.Getenv(credentials.ClientID))
-	assert.Equal(t, readM365.ClientSecret, os.Getenv(credentials.ClientSecret))
+	assert.Equal(t, readM365.AzureTenantID, m365.AzureTenantID)
+	assert.Equal(t, readM365.AzureClientID, os.Getenv(credentials.AzureClientID))
+	assert.Equal(t, readM365.AzureClientSecret, os.Getenv(credentials.AzureClientSecret))
 }
 
 func (suite *ConfigIntegrationSuite) TestGetStorageAndAccount_noFileOnlyOverrides() {
@@ -263,10 +263,10 @@ func (suite *ConfigIntegrationSuite) TestGetStorageAndAccount_noFileOnlyOverride
 		Endpoint: end,
 		Prefix:   pfx,
 	}
-	m365 := account.M365Config{TenantID: tid}
+	m365 := account.M365Config{AzureTenantID: tid}
 
 	overrides := map[string]string{
-		account.TenantID:       tid,
+		account.AzureTenantID:  tid,
 		AccountProviderTypeKey: account.ProviderM365.String(),
 		storage.Bucket:         bkt,
 		storage.Endpoint:       end,
@@ -289,7 +289,7 @@ func (suite *ConfigIntegrationSuite) TestGetStorageAndAccount_noFileOnlyOverride
 
 	readM365, err := ac.M365Config()
 	require.NoError(t, err, "reading m365 config from account")
-	assert.Equal(t, readM365.TenantID, m365.TenantID)
-	assert.Equal(t, readM365.ClientID, os.Getenv(credentials.ClientID))
-	assert.Equal(t, readM365.ClientSecret, os.Getenv(credentials.ClientSecret))
+	assert.Equal(t, readM365.AzureTenantID, m365.AzureTenantID)
+	assert.Equal(t, readM365.AzureClientID, os.Getenv(credentials.AzureClientID))
+	assert.Equal(t, readM365.AzureClientSecret, os.Getenv(credentials.AzureClientSecret))
 }
diff --git a/src/cli/help/env.go b/src/cli/help/env.go
index b789ec5c5..f213865a7 100644
--- a/src/cli/help/env.go
+++ b/src/cli/help/env.go
@@ -67,8 +67,8 @@ var (
 			"It is impossible to use the repository or recover any backups without this key."},
 	}
 	azureEVs = []envVar{
-		{azure, "CLIENT_ID", "Client ID for your Azure AD application used to access your M365 tenant."},
-		{azure, "CLIENT_SECRET", "Azure secret for your Azure AD application used to access your M365 tenant."},
+		{azure, "AZURE_CLIENT_ID", "Client ID for your Azure AD application used to access your M365 tenant."},
+		{azure, "AZURE_CLIENT_SECRET", "Azure secret for your Azure AD application used to access your M365 tenant."},
 	}
 	awsEVs = []envVar{
 		{aws, "AWS_ACCESS_KEY_ID", "AWS access key for an IAM user or role for accessing S3 bucket repository."},
diff --git a/src/cmd/factory/factory.go b/src/cmd/factory/factory.go
index b24802c8d..bc9d1f360 100644
--- a/src/cmd/factory/factory.go
+++ b/src/cmd/factory/factory.go
@@ -98,12 +98,12 @@ func handleOneDriveFactory(cmd *cobra.Command, args []string) error {
 // ------------------------------------------------------------------------------------------
 
 func getGCAndVerifyUser(ctx context.Context, userID string) (*connector.GraphConnector, string, error) {
-	tid := common.First(tenant, os.Getenv(account.TenantID))
+	tid := common.First(tenant, os.Getenv(account.AzureTenantID))
 
 	// get account info
 	m365Cfg := account.M365Config{
-		M365:     credentials.GetM365(),
-		TenantID: tid,
+		M365:          credentials.GetM365(),
+		AzureTenantID: tid,
 	}
 
 	acct, err := account.NewAccount(account.ProviderM365, m365Cfg)
diff --git a/src/cmd/purge/purge.go b/src/cmd/purge/purge.go
index e7c817e19..101ed4a4d 100644
--- a/src/cmd/purge/purge.go
+++ b/src/cmd/purge/purge.go
@@ -415,8 +415,8 @@ func purgeFolders(
 func getGC(ctx context.Context) (*connector.GraphConnector, error) {
 	// get account info
 	m365Cfg := account.M365Config{
-		M365:     credentials.GetM365(),
-		TenantID: common.First(tenant, os.Getenv(account.TenantID)),
+		M365:          credentials.GetM365(),
+		AzureTenantID: common.First(tenant, os.Getenv(account.AzureTenantID)),
 	}
 
 	acct, err := account.NewAccount(account.ProviderM365, m365Cfg)
diff --git a/src/internal/connector/exchange/contact_folder_cache_test.go b/src/internal/connector/exchange/contact_folder_cache_test.go
index 4e2f298b6..7424aaf95 100644
--- a/src/internal/connector/exchange/contact_folder_cache_test.go
+++ b/src/internal/connector/exchange/contact_folder_cache_test.go
@@ -38,6 +38,7 @@ func TestContactFolderCacheIntegrationSuite(t *testing.T) {
 	if err := tester.RunOnAny(
 		tester.CorsoCITests,
 		tester.CorsoGraphConnectorTests,
+		tester.CorsoGraphConnectorExchangeTests,
 	); err != nil {
 		t.Skip(err)
 	}
diff --git a/src/internal/connector/exchange/event_calendar_cache_test.go b/src/internal/connector/exchange/event_calendar_cache_test.go
index 515f1289b..f7c3d50c1 100644
--- a/src/internal/connector/exchange/event_calendar_cache_test.go
+++ b/src/internal/connector/exchange/event_calendar_cache_test.go
@@ -20,6 +20,7 @@ func TestEventCalendarCacheIntegrationSuite(t *testing.T) {
 	if err := tester.RunOnAny(
 		tester.CorsoCITests,
 		tester.CorsoGraphConnectorTests,
+		tester.CorsoGraphConnectorExchangeTests,
 	); err != nil {
 		t.Skip(err)
 	}
diff --git a/src/internal/connector/exchange/exchange_service_test.go b/src/internal/connector/exchange/exchange_service_test.go
index a997b8689..4aa4243bb 100644
--- a/src/internal/connector/exchange/exchange_service_test.go
+++ b/src/internal/connector/exchange/exchange_service_test.go
@@ -29,6 +29,7 @@ func TestExchangeServiceSuite(t *testing.T) {
 	if err := tester.RunOnAny(
 		tester.CorsoCITests,
 		tester.CorsoGraphConnectorTests,
+		tester.CorsoGraphConnectorExchangeTests,
 	); err != nil {
 		t.Skip(err)
 	}
@@ -58,7 +59,7 @@ func (suite *ExchangeServiceSuite) SetupSuite() {
 func (suite *ExchangeServiceSuite) TestCreateService() {
 	creds := suite.es.credentials
 	invalidCredentials := suite.es.credentials
-	invalidCredentials.ClientSecret = ""
+	invalidCredentials.AzureClientSecret = ""
 
 	tests := []struct {
 		name        string
@@ -78,7 +79,7 @@ func (suite *ExchangeServiceSuite) TestCreateService() {
 	}
 	for _, test := range tests {
 		suite.T().Run(test.name, func(t *testing.T) {
-			t.Log(test.credentials.ClientSecret)
+			t.Log(test.credentials.AzureClientSecret)
 			_, err := createService(test.credentials, false)
 			test.checkErr(t, err)
 		})
@@ -587,7 +588,7 @@ func (suite *ExchangeServiceSuite) TestGetContainerIDFromCache() {
 				pathFunc1: func() path.Path {
 					pth, err := path.Builder{}.Append("Griffindor").
 						Append("Croix").ToDataLayerExchangePathForCategory(
-						suite.es.credentials.TenantID,
+						suite.es.credentials.AzureTenantID,
 						user,
 						path.EmailCategory,
 						false,
@@ -599,7 +600,7 @@ func (suite *ExchangeServiceSuite) TestGetContainerIDFromCache() {
 				pathFunc2: func() path.Path {
 					pth, err := path.Builder{}.Append("Griffindor").
 						Append("Felicius").ToDataLayerExchangePathForCategory(
-						suite.es.credentials.TenantID,
+						suite.es.credentials.AzureTenantID,
 						user,
 						path.EmailCategory,
 						false,
@@ -615,7 +616,7 @@ func (suite *ExchangeServiceSuite) TestGetContainerIDFromCache() {
 				pathFunc1: func() path.Path {
 					aPath, err := path.Builder{}.Append("HufflePuff").
 						ToDataLayerExchangePathForCategory(
-							suite.es.credentials.TenantID,
+							suite.es.credentials.AzureTenantID,
 							user,
 							path.ContactsCategory,
 							false,
@@ -627,7 +628,7 @@ func (suite *ExchangeServiceSuite) TestGetContainerIDFromCache() {
 				pathFunc2: func() path.Path {
 					aPath, err := path.Builder{}.Append("Ravenclaw").
 						ToDataLayerExchangePathForCategory(
-							suite.es.credentials.TenantID,
+							suite.es.credentials.AzureTenantID,
 							user,
 							path.ContactsCategory,
 							false,
@@ -643,7 +644,7 @@ func (suite *ExchangeServiceSuite) TestGetContainerIDFromCache() {
 				pathFunc1: func() path.Path {
 					aPath, err := path.Builder{}.Append("Durmstrang").
 						ToDataLayerExchangePathForCategory(
-							suite.es.credentials.TenantID,
+							suite.es.credentials.AzureTenantID,
 							user,
 							path.EventsCategory,
 							false,
@@ -654,7 +655,7 @@ func (suite *ExchangeServiceSuite) TestGetContainerIDFromCache() {
 				pathFunc2: func() path.Path {
 					aPath, err := path.Builder{}.Append("Beauxbatons").
 						ToDataLayerExchangePathForCategory(
-							suite.es.credentials.TenantID,
+							suite.es.credentials.AzureTenantID,
 							user,
 							path.EventsCategory,
 							false,
diff --git a/src/internal/connector/exchange/iterators_test.go b/src/internal/connector/exchange/iterators_test.go
index 2d68b8655..beb5695ec 100644
--- a/src/internal/connector/exchange/iterators_test.go
+++ b/src/internal/connector/exchange/iterators_test.go
@@ -25,6 +25,7 @@ func TestExchangeIteratorSuite(t *testing.T) {
 	if err := tester.RunOnAny(
 		tester.CorsoCITests,
 		tester.CorsoGraphConnectorTests,
+		tester.CorsoGraphConnectorExchangeTests,
 	); err != nil {
 		t.Skip(err)
 	}
diff --git a/src/internal/connector/exchange/mail_folder_cache_test.go b/src/internal/connector/exchange/mail_folder_cache_test.go
index e4ecb529a..f3eccebd8 100644
--- a/src/internal/connector/exchange/mail_folder_cache_test.go
+++ b/src/internal/connector/exchange/mail_folder_cache_test.go
@@ -323,6 +323,7 @@ func TestMailFolderCacheIntegrationSuite(t *testing.T) {
 	if err := tester.RunOnAny(
 		tester.CorsoCITests,
 		tester.CorsoGraphConnectorTests,
+		tester.CorsoGraphConnectorExchangeTests,
 	); err != nil {
 		t.Skip(err)
 	}
diff --git a/src/internal/connector/exchange/service_functions.go b/src/internal/connector/exchange/service_functions.go
index bb2572fe4..33a87bae2 100644
--- a/src/internal/connector/exchange/service_functions.go
+++ b/src/internal/connector/exchange/service_functions.go
@@ -48,9 +48,9 @@ func (es *exchangeService) ErrPolicy() bool {
 // NOTE: Incorrect account information will result in errors on subsequent queries.
 func createService(credentials account.M365Config, shouldFailFast bool) (*exchangeService, error) {
 	adapter, err := graph.CreateAdapter(
-		credentials.TenantID,
-		credentials.ClientID,
-		credentials.ClientSecret,
+		credentials.AzureTenantID,
+		credentials.AzureClientID,
+		credentials.AzureClientSecret,
 	)
 	if err != nil {
 		return nil, err
@@ -460,7 +460,7 @@ func getCollectionPath(
 	returnPath, err := resolveCollectionPath(
 		ctx,
 		resolver,
-		qp.Credentials.TenantID,
+		qp.Credentials.AzureTenantID,
 		qp.User,
 		directory,
 		category,
@@ -471,7 +471,7 @@ func getCollectionPath(
 
 	aPath, err1 := path.Builder{}.Append(directory).
 		ToDataLayerExchangePathForCategory(
-			qp.Credentials.TenantID,
+			qp.Credentials.AzureTenantID,
 			qp.User,
 			category,
 			false,
diff --git a/src/internal/connector/exchange/service_functions_test.go b/src/internal/connector/exchange/service_functions_test.go
index 9434239d5..f7752d3c9 100644
--- a/src/internal/connector/exchange/service_functions_test.go
+++ b/src/internal/connector/exchange/service_functions_test.go
@@ -21,6 +21,7 @@ func TestServiceFunctionsIntegrationSuite(t *testing.T) {
 	if err := tester.RunOnAny(
 		tester.CorsoCITests,
 		tester.CorsoGraphConnectorTests,
+		tester.CorsoGraphConnectorExchangeTests,
 	); err != nil {
 		t.Skip(err)
 	}
diff --git a/src/internal/connector/exchange/service_iterators.go b/src/internal/connector/exchange/service_iterators.go
index 59c31af33..7301143bc 100644
--- a/src/internal/connector/exchange/service_iterators.go
+++ b/src/internal/connector/exchange/service_iterators.go
@@ -205,7 +205,7 @@ func CollectionsFromResolver(
 		}
 
 		completePath, err := item.Path().ToDataLayerExchangePathForCategory(
-			qp.Credentials.TenantID,
+			qp.Credentials.AzureTenantID,
 			qp.User,
 			category,
 			false,
@@ -504,7 +504,7 @@ func IterateSelectAllContactsForCollections(
 			// Create and Populate Default Contacts folder Collection if true
 			if qp.Scope.Matches(selectors.ExchangeContactFolder, DefaultContactFolder) {
 				dirPath, err := path.Builder{}.Append(DefaultContactFolder).ToDataLayerExchangePathForCategory(
-					qp.Credentials.TenantID,
+					qp.Credentials.AzureTenantID,
 					qp.User,
 					path.ContactsCategory,
 					false,
diff --git a/src/internal/connector/graph_connector.go b/src/internal/connector/graph_connector.go
index aae2115d6..7db42db61 100644
--- a/src/internal/connector/graph_connector.go
+++ b/src/internal/connector/graph_connector.go
@@ -77,7 +77,7 @@ func NewGraphConnector(ctx context.Context, acct account.Account) (*GraphConnect
 	}
 
 	gc := GraphConnector{
-		tenant:      m365.TenantID,
+		tenant:      m365.AzureTenantID,
 		Users:       make(map[string]string, 0),
 		wg:          &sync.WaitGroup{},
 		credentials: m365,
@@ -101,9 +101,9 @@ func NewGraphConnector(ctx context.Context, acct account.Account) (*GraphConnect
 // createService constructor for graphService component
 func (gc *GraphConnector) createService(shouldFailFast bool) (*graphService, error) {
 	adapter, err := graph.CreateAdapter(
-		gc.credentials.TenantID,
-		gc.credentials.ClientID,
-		gc.credentials.ClientSecret,
+		gc.credentials.AzureTenantID,
+		gc.credentials.AzureClientID,
+		gc.credentials.AzureClientSecret,
 	)
 	if err != nil {
 		return nil, err
@@ -520,7 +520,7 @@ func (gc *GraphConnector) OneDriveDataCollections(
 			logger.Ctx(ctx).With("user", user).Debug("Creating OneDrive collections")
 
 			odcs, err := onedrive.NewCollections(
-				gc.credentials.TenantID,
+				gc.credentials.AzureTenantID,
 				user,
 				scope,
 				&gc.graphService,
diff --git a/src/internal/connector/graph_connector_disconnected_test.go b/src/internal/connector/graph_connector_disconnected_test.go
index 0caca3457..8e9030e37 100644
--- a/src/internal/connector/graph_connector_disconnected_test.go
+++ b/src/internal/connector/graph_connector_disconnected_test.go
@@ -43,10 +43,10 @@ func (suite *DisconnectedGraphConnectorSuite) TestBadConnection() {
 					account.ProviderM365,
 					account.M365Config{
 						M365: credentials.M365{
-							ClientID:     "Test",
-							ClientSecret: "without",
+							AzureClientID:     "Test",
+							AzureClientSecret: "without",
 						},
-						TenantID: "data",
+						AzureTenantID: "data",
 					},
 				)
 				require.NoError(t, err)
diff --git a/src/internal/connector/graph_connector_test.go b/src/internal/connector/graph_connector_test.go
index 6ebb4aa83..37b214247 100644
--- a/src/internal/connector/graph_connector_test.go
+++ b/src/internal/connector/graph_connector_test.go
@@ -38,6 +38,7 @@ func TestGraphConnectorIntegrationSuite(t *testing.T) {
 	if err := tester.RunOnAny(
 		tester.CorsoCITests,
 		tester.CorsoGraphConnectorTests,
+		tester.CorsoGraphConnectorExchangeTests,
 	); err != nil {
 		t.Skip(err)
 	}
diff --git a/src/internal/connector/onedrive/drive.go b/src/internal/connector/onedrive/drive.go
index 0191bdf38..147f532d3 100644
--- a/src/internal/connector/onedrive/drive.go
+++ b/src/internal/connector/onedrive/drive.go
@@ -86,8 +86,10 @@ func collectItems(
 }
 
 // getFolder will lookup the specified folder name under `parentFolderID`
-func getFolder(ctx context.Context, service graph.Service, driveID string, parentFolderID string,
-	folderName string,
+func getFolder(
+	ctx context.Context,
+	service graph.Service,
+	driveID, parentFolderID, folderName string,
 ) (models.DriveItemable, error) {
 	// The `Children().Get()` API doesn't yet support $filter, so using that to find a folder
 	// will be sub-optimal.
diff --git a/src/internal/connector/onedrive/drive_test.go b/src/internal/connector/onedrive/drive_test.go
index f55aa53d3..08e6e0459 100644
--- a/src/internal/connector/onedrive/drive_test.go
+++ b/src/internal/connector/onedrive/drive_test.go
@@ -44,9 +44,9 @@ func loadService(t *testing.T) *testService {
 	require.NoError(t, err)
 
 	adapter, err := graph.CreateAdapter(
-		m365.TenantID,
-		m365.ClientID,
-		m365.ClientSecret,
+		m365.AzureTenantID,
+		m365.AzureClientID,
+		m365.AzureClientSecret,
 	)
 	require.NoError(t, err)
 
diff --git a/src/internal/connector/onedrive/item_test.go b/src/internal/connector/onedrive/item_test.go
index 0cac044b2..7bb1f95a4 100644
--- a/src/internal/connector/onedrive/item_test.go
+++ b/src/internal/connector/onedrive/item_test.go
@@ -40,6 +40,7 @@ func TestItemIntegrationSuite(t *testing.T) {
 	if err := tester.RunOnAny(
 		tester.CorsoCITests,
 		tester.CorsoGraphConnectorTests,
+		tester.CorsoGraphConnectorOneDriveTests,
 	); err != nil {
 		t.Skip(err)
 	}
@@ -59,7 +60,7 @@ func (suite *ItemIntegrationSuite) SetupSuite() {
 	m365, err := a.M365Config()
 	require.NoError(suite.T(), err)
 
-	adapter, err := graph.CreateAdapter(m365.TenantID, m365.ClientID, m365.ClientSecret)
+	adapter, err := graph.CreateAdapter(m365.AzureTenantID, m365.AzureClientID, m365.AzureClientSecret)
 	require.NoError(suite.T(), err)
 	suite.client = msgraphsdk.NewGraphServiceClient(adapter)
 	suite.adapter = adapter
diff --git a/src/internal/events/events_test.go b/src/internal/events/events_test.go
index b55dd97e7..85c3aba05 100644
--- a/src/internal/events/events_test.go
+++ b/src/internal/events/events_test.go
@@ -42,10 +42,10 @@ func (suite *EventsIntegrationSuite) TestNewBus() {
 		account.ProviderM365,
 		account.M365Config{
 			M365: credentials.M365{
-				ClientID:     "id",
-				ClientSecret: "secret",
+				AzureClientID:     "id",
+				AzureClientSecret: "secret",
 			},
-			TenantID: "tid",
+			AzureTenantID: "tid",
 		},
 	)
 	require.NoError(t, err)
diff --git a/src/internal/tester/account.go b/src/internal/tester/account.go
index 45a06be41..67776bba6 100644
--- a/src/internal/tester/account.go
+++ b/src/internal/tester/account.go
@@ -10,8 +10,8 @@ import (
 )
 
 var M365AcctCredEnvs = []string{
-	credentials.ClientID,
-	credentials.ClientSecret,
+	credentials.AzureClientID,
+	credentials.AzureClientSecret,
 }
 
 // NewM365Account returns an account.Account object initialized with environment
@@ -23,8 +23,8 @@ func NewM365Account(t *testing.T) account.Account {
 	acc, err := account.NewAccount(
 		account.ProviderM365,
 		account.M365Config{
-			M365:     credentials.GetM365(),
-			TenantID: cfg[TestCfgTenantID],
+			M365:          credentials.GetM365(),
+			AzureTenantID: cfg[TestCfgAzureTenantID],
 		},
 	)
 	require.NoError(t, err, "initializing account")
diff --git a/src/internal/tester/config.go b/src/internal/tester/config.go
index 3d9d0e102..d46eb50bb 100644
--- a/src/internal/tester/config.go
+++ b/src/internal/tester/config.go
@@ -20,7 +20,7 @@ const (
 	TestCfgStorageProvider = "provider"
 
 	// M365 config
-	TestCfgTenantID        = "tenantid"
+	TestCfgAzureTenantID   = "azure_tenantid"
 	TestCfgUserID          = "m365userid"
 	TestCfgAccountProvider = "account_provider"
 )
@@ -100,7 +100,7 @@ func readTestConfig() (map[string]string, error) {
 	fallbackTo(testEnv, TestCfgBucket, vpr.GetString(TestCfgBucket), "test-corso-repo-init")
 	fallbackTo(testEnv, TestCfgEndpoint, vpr.GetString(TestCfgEndpoint), "s3.amazonaws.com")
 	fallbackTo(testEnv, TestCfgPrefix, vpr.GetString(TestCfgPrefix))
-	fallbackTo(testEnv, TestCfgTenantID, os.Getenv(account.TenantID), vpr.GetString(TestCfgTenantID))
+	fallbackTo(testEnv, TestCfgAzureTenantID, os.Getenv(account.AzureTenantID), vpr.GetString(TestCfgAzureTenantID))
 	fallbackTo(
 		testEnv,
 		TestCfgUserID,
diff --git a/src/internal/tester/integration_runners.go b/src/internal/tester/integration_runners.go
index f3c8e26c1..d45e0afc1 100644
--- a/src/internal/tester/integration_runners.go
+++ b/src/internal/tester/integration_runners.go
@@ -9,19 +9,21 @@ import (
 )
 
 const (
-	CorsoLoadTests           = "CORSO_LOAD_TESTS"
-	CorsoCITests             = "CORSO_CI_TESTS"
-	CorsoCLIBackupTests      = "CORSO_COMMAND_LINE_BACKUP_TESTS"
-	CorsoCLIConfigTests      = "CORSO_COMMAND_LINE_CONFIG_TESTS"
-	CorsoCLIRepoTests        = "CORSO_COMMAND_LINE_REPO_TESTS"
-	CorsoCLIRestoreTests     = "CORSO_COMMAND_LINE_RESTORE_TESTS"
-	CorsoCLITests            = "CORSO_COMMAND_LINE_TESTS"
-	CorsoGraphConnectorTests = "CORSO_GRAPH_CONNECTOR_TESTS"
-	CorsoKopiaWrapperTests   = "CORSO_KOPIA_WRAPPER_TESTS"
-	CorsoModelStoreTests     = "CORSO_MODEL_STORE_TESTS"
-	CorsoOneDriveTests       = "CORSO_ONE_DRIVE_TESTS"
-	CorsoOperationTests      = "CORSO_OPERATION_TESTS"
-	CorsoRepositoryTests     = "CORSO_REPOSITORY_TESTS"
+	CorsoLoadTests                   = "CORSO_LOAD_TESTS"
+	CorsoCITests                     = "CORSO_CI_TESTS"
+	CorsoCLIBackupTests              = "CORSO_COMMAND_LINE_BACKUP_TESTS"
+	CorsoCLIConfigTests              = "CORSO_COMMAND_LINE_CONFIG_TESTS"
+	CorsoCLIRepoTests                = "CORSO_COMMAND_LINE_REPO_TESTS"
+	CorsoCLIRestoreTests             = "CORSO_COMMAND_LINE_RESTORE_TESTS"
+	CorsoCLITests                    = "CORSO_COMMAND_LINE_TESTS"
+	CorsoGraphConnectorTests         = "CORSO_GRAPH_CONNECTOR_TESTS"
+	CorsoGraphConnectorExchangeTests = "CORSO_GRAPH_CONNECTOR_EXCHANGE_TESTS"
+	CorsoGraphConnectorOneDriveTests = "CORSO_GRAPH_CONNECTOR_ONE_DRIVE_TESTS"
+	CorsoKopiaWrapperTests           = "CORSO_KOPIA_WRAPPER_TESTS"
+	CorsoModelStoreTests             = "CORSO_MODEL_STORE_TESTS"
+	CorsoOneDriveTests               = "CORSO_ONE_DRIVE_TESTS"
+	CorsoOperationTests              = "CORSO_OPERATION_TESTS"
+	CorsoRepositoryTests             = "CORSO_REPOSITORY_TESTS"
 )
 
 // File needs to be a single message .json
diff --git a/src/pkg/account/m365.go b/src/pkg/account/m365.go
index 2a3f9d77f..a9c84fb37 100644
--- a/src/pkg/account/m365.go
+++ b/src/pkg/account/m365.go
@@ -8,19 +8,19 @@ import (
 
 // config exported name consts
 const (
-	TenantID = "TENANT_ID"
+	AzureTenantID = "AZURE_TENANT_ID"
 )
 
 type M365Config struct {
 	credentials.M365 // requires: ClientID, ClientSecret
-	TenantID         string
+	AzureTenantID    string
 }
 
 // config key consts
 const (
-	keyM365ClientID     = "m365_clientID"
-	keyM365ClientSecret = "m365_clientSecret"
-	keyM365TenantID     = "m365_tenantID"
+	keyAzureClientID     = "azure_clientid"
+	keyAzureClientSecret = "azure_clientSecret"
+	keyAzureTenantID     = "azure_tenantid"
 )
 
 // StringConfig transforms a m365Config struct into a plain
@@ -28,9 +28,9 @@ const (
 // serialize into the map are expected to be strings.
 func (c M365Config) StringConfig() (map[string]string, error) {
 	cfg := map[string]string{
-		keyM365ClientID:     c.ClientID,
-		keyM365ClientSecret: c.ClientSecret,
-		keyM365TenantID:     c.TenantID,
+		keyAzureClientID:     c.AzureClientID,
+		keyAzureClientSecret: c.AzureClientSecret,
+		keyAzureTenantID:     c.AzureTenantID,
 	}
 
 	return cfg, c.validate()
@@ -39,7 +39,7 @@ func (c M365Config) StringConfig() (map[string]string, error) {
 // providerID returns the c.TenantID if ap is a ProviderM365.
 func (c M365Config) providerID(ap accountProvider) string {
 	if ap == ProviderM365 {
-		return c.TenantID
+		return c.AzureTenantID
 	}
 
 	return ""
@@ -49,9 +49,9 @@ func (c M365Config) providerID(ap accountProvider) string {
 func (a Account) M365Config() (M365Config, error) {
 	c := M365Config{}
 	if len(a.Config) > 0 {
-		c.ClientID = a.Config[keyM365ClientID]
-		c.ClientSecret = a.Config[keyM365ClientSecret]
-		c.TenantID = a.Config[keyM365TenantID]
+		c.AzureClientID = a.Config[keyAzureClientID]
+		c.AzureClientSecret = a.Config[keyAzureClientSecret]
+		c.AzureTenantID = a.Config[keyAzureTenantID]
 	}
 
 	return c, c.validate()
@@ -59,9 +59,9 @@ func (a Account) M365Config() (M365Config, error) {
 
 func (c M365Config) validate() error {
 	check := map[string]string{
-		credentials.ClientID:     c.ClientID,
-		credentials.ClientSecret: c.ClientSecret,
-		TenantID:                 c.TenantID,
+		credentials.AzureClientID:     c.AzureClientID,
+		credentials.AzureClientSecret: c.AzureClientSecret,
+		AzureTenantID:                 c.AzureTenantID,
 	}
 
 	for k, v := range check {
diff --git a/src/pkg/account/m365_test.go b/src/pkg/account/m365_test.go
index b9b2c363b..a201496e4 100644
--- a/src/pkg/account/m365_test.go
+++ b/src/pkg/account/m365_test.go
@@ -21,10 +21,10 @@ func TestM365CfgSuite(t *testing.T) {
 
 var goodM365Config = account.M365Config{
 	M365: credentials.M365{
-		ClientID:     "cid",
-		ClientSecret: "cs",
+		AzureClientID:     "cid",
+		AzureClientSecret: "cs",
 	},
-	TenantID: "tid",
+	AzureTenantID: "tid",
 }
 
 func (suite *M365CfgSuite) TestM365Config_Config() {
@@ -36,9 +36,9 @@ func (suite *M365CfgSuite) TestM365Config_Config() {
 		key    string
 		expect string
 	}{
-		{"m365_clientID", m365.ClientID},
-		{"m365_clientSecret", m365.ClientSecret},
-		{"m365_tenantID", m365.TenantID},
+		{"azure_clientid", m365.AzureClientID},
+		{"azure_clientSecret", m365.AzureClientSecret},
+		{"azure_tenantid", m365.AzureTenantID},
 	}
 	for _, test := range table {
 		assert.Equal(suite.T(), test.expect, c[test.key])
@@ -54,18 +54,18 @@ func (suite *M365CfgSuite) TestAccount_M365Config() {
 	out, err := a.M365Config()
 	require.NoError(t, err)
 
-	assert.Equal(t, in.ClientID, out.ClientID)
-	assert.Equal(t, in.ClientSecret, out.ClientSecret)
-	assert.Equal(t, in.TenantID, out.TenantID)
+	assert.Equal(t, in.AzureClientID, out.AzureClientID)
+	assert.Equal(t, in.AzureClientSecret, out.AzureClientSecret)
+	assert.Equal(t, in.AzureTenantID, out.AzureTenantID)
 }
 
 func makeTestM365Cfg(cid, cs, tid string) account.M365Config {
 	return account.M365Config{
 		M365: credentials.M365{
-			ClientID:     cid,
-			ClientSecret: cs,
+			AzureClientID:     cid,
+			AzureClientSecret: cs,
 		},
-		TenantID: tid,
+		AzureTenantID: tid,
 	}
 }
 
@@ -94,19 +94,19 @@ func (suite *M365CfgSuite) TestAccount_M365Config_InvalidCases() {
 		{
 			"missing clientID",
 			func(a account.Account) {
-				a.Config["m365_clientID"] = ""
+				a.Config["azure_clientid"] = ""
 			},
 		},
 		{
 			"missing client secret",
 			func(a account.Account) {
-				a.Config["m365_clientSecret"] = ""
+				a.Config["azure_clientSecret"] = ""
 			},
 		},
 		{
 			"missing tenant id",
 			func(a account.Account) {
-				a.Config["m365_tenantID"] = ""
+				a.Config["azure_tenantid"] = ""
 			},
 		},
 	}
diff --git a/src/pkg/credentials/m365.go b/src/pkg/credentials/m365.go
index c0652c67b..2d0943aa7 100644
--- a/src/pkg/credentials/m365.go
+++ b/src/pkg/credentials/m365.go
@@ -8,14 +8,14 @@ import (
 
 // envvar consts
 const (
-	ClientID     = "CLIENT_ID"
-	ClientSecret = "CLIENT_SECRET"
+	AzureClientID     = "AZURE_CLIENT_ID"
+	AzureClientSecret = "AZURE_CLIENT_SECRET"
 )
 
 // M365 aggregates m365 credentials from flag and env_var values.
 type M365 struct {
-	ClientID     string
-	ClientSecret string
+	AzureClientID     string
+	AzureClientSecret string
 }
 
 // M365 is a helper for aggregating m365 secrets and credentials.
@@ -23,15 +23,15 @@ func GetM365() M365 {
 	// todo (rkeeprs): read from either corso config file or env vars.
 	// https://github.com/alcionai/corso/issues/120
 	return M365{
-		ClientID:     os.Getenv(ClientID),
-		ClientSecret: os.Getenv(ClientSecret),
+		AzureClientID:     os.Getenv(AzureClientID),
+		AzureClientSecret: os.Getenv(AzureClientSecret),
 	}
 }
 
 func (c M365) Validate() error {
 	check := map[string]string{
-		ClientID:     c.ClientID,
-		ClientSecret: c.ClientSecret,
+		AzureClientID:     c.AzureClientID,
+		AzureClientSecret: c.AzureClientSecret,
 	}
 
 	for k, v := range check {