diff --git a/test/api.test.js b/test/api.test.js
index e49db11..3ca0c02 100644
--- a/test/api.test.js
+++ b/test/api.test.js
@@ -1,5 +1,6 @@
 import { test } from './helpers/context.js'
 
+import * as Signer from '@ucanto/principal/ed25519'
 import delay from 'delay'
 import pRetry from 'p-retry'
 import git from 'git-rev-sync'
@@ -58,7 +59,7 @@ test('POST /', async t => {
 
   // Client connection config for w3filecoin pipeline entrypoint, i.e. API Storefront relies on
   const { invocationConfig, connection } = await getClientConfig(new URL(t.context.api.aggregator))
-  const group = invocationConfig.with
+  const group = (await Signer.generate()).did()
 
   // Create random pieces to add
   const pieces = await randomCargo(10, 1024)
@@ -96,7 +97,7 @@ test('POST /', async t => {
       }
       // Validate piece entry content
       t.truthy(storedPiece.ok.piece.equals(p.link))
-      t.is(storedPiece.ok.group, invocationConfig.with)
+      t.is(storedPiece.ok.group, group)
       t.is(storedPiece.ok.status, 'offered')
       t.truthy(storedPiece.ok.insertedAt)
       t.truthy(storedPiece.ok.updatedAt)
diff --git a/test/helpers/client.js b/test/helpers/client.js
index 315a656..d8b897c 100644
--- a/test/helpers/client.js
+++ b/test/helpers/client.js
@@ -10,7 +10,10 @@ import { connect } from '@ucanto/client'
  */
 export async function getClientConfig (url) {
   // UCAN actors
-  const storefront = await Signer.generate()
+  const storefront = getServiceSigner({
+    did: 'did:web:staging.web3.storage',
+    privateKey: process.env.AGGREGATOR_PRIVATE_KEY || ''
+  })
   const aggregatorService = DID.parse('did:web:staging.web3.storage')
 
   return {
@@ -29,3 +32,20 @@ export async function getClientConfig (url) {
     })
   }
 }
+
+/**
+ * Given a config, return a ucanto Signer object representing the service
+ *
+ * @param {object} config
+ * @param {string} config.privateKey - multiformats private key of primary signing key
+ * @param {string} [config.did] - public DID for the service (did:key:... derived from PRIVATE_KEY if not set)
+ * @returns {import('@ucanto/principal/ed25519').Signer.Signer}
+ */
+export function getServiceSigner(config) {
+  const signer = Signer.parse(config.privateKey)
+  if (config.did) {
+    const did = DID.parse(config.did).did()
+    return signer.withDID(did)
+  }
+  return signer
+}