diff --git a/client.gen.go b/client.gen.go
index b0d9ffc..26e8a05 100644
--- a/client.gen.go
+++ b/client.gen.go
@@ -14460,6 +14460,7 @@ type CreateTeamAPIKeyResponse struct {
 	JSON201      *APIKey
 	JSON400      *BadRequest
 	JSON401      *RequiresAuthentication
+	JSON403      *Forbidden
 	JSON422      *UnprocessableEntity
 	JSON500      *InternalError
 }
@@ -14485,6 +14486,7 @@ type DeleteTeamAPIKeyResponse struct {
 	HTTPResponse *http.Response
 	JSON400      *BadRequest
 	JSON401      *RequiresAuthentication
+	JSON403      *Forbidden
 	JSON404      *NotFound
 	JSON500      *InternalError
 }
@@ -22259,6 +22261,13 @@ func ParseCreateTeamAPIKeyResponse(rsp *http.Response) (*CreateTeamAPIKeyRespons
 		}
 		response.JSON401 = &dest
 
+	case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 403:
+		var dest Forbidden
+		if err := json.Unmarshal(bodyBytes, &dest); err != nil {
+			return nil, err
+		}
+		response.JSON403 = &dest
+
 	case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 422:
 		var dest UnprocessableEntity
 		if err := json.Unmarshal(bodyBytes, &dest); err != nil {
@@ -22306,6 +22315,13 @@ func ParseDeleteTeamAPIKeyResponse(rsp *http.Response) (*DeleteTeamAPIKeyRespons
 		}
 		response.JSON401 = &dest
 
+	case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 403:
+		var dest Forbidden
+		if err := json.Unmarshal(bodyBytes, &dest); err != nil {
+			return nil, err
+		}
+		response.JSON403 = &dest
+
 	case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 404:
 		var dest NotFound
 		if err := json.Unmarshal(bodyBytes, &dest); err != nil {
diff --git a/models.gen.go b/models.gen.go
index 5bc3905..1e24032 100644
--- a/models.gen.go
+++ b/models.gen.go
@@ -19,7 +19,8 @@ const (
 
 // Defines values for APIKeyScope.
 const (
-	APIKeyScopeReadAndWrite APIKeyScope = "read-and-write"
+	APIKeyScopeReadAndWrite        APIKeyScope = "read-and-write"
+	APIKeyScopeSyncsOperationsOnly APIKeyScope = "syncs-operations-only"
 )
 
 // Defines values for AddonCategory.
@@ -915,6 +916,9 @@ type CreateTeamAPIKeyRequest struct {
 
 	// Name Name of the API key
 	Name APIKeyName `json:"name"`
+
+	// Scope Scope of permissions for the API key. API keys are used for creating new plugin versions and downloading existing plugins
+	Scope *APIKeyScope `json:"scope,omitempty"`
 }
 
 // CreateTeamImages201Response defines model for CreateTeamImages_201_response.
diff --git a/spec.json b/spec.json
index 7a0c3ec..09e1c26 100644
--- a/spec.json
+++ b/spec.json
@@ -4425,6 +4425,9 @@
           "401" : {
             "$ref" : "#/components/responses/RequiresAuthentication"
           },
+          "403" : {
+            "$ref" : "#/components/responses/Forbidden"
+          },
           "422" : {
             "$ref" : "#/components/responses/UnprocessableEntity"
           },
@@ -4454,6 +4457,9 @@
           "401" : {
             "$ref" : "#/components/responses/RequiresAuthentication"
           },
+          "403" : {
+            "$ref" : "#/components/responses/Forbidden"
+          },
           "404" : {
             "$ref" : "#/components/responses/NotFound"
           },
@@ -9461,7 +9467,7 @@
       },
       "APIKeyScope" : {
         "description" : "Scope of permissions for the API key. API keys are used for creating new plugin versions and downloading existing plugins",
-        "enum" : [ "read-and-write" ],
+        "enum" : [ "read-and-write", "syncs-operations-only" ],
         "type" : "string"
       },
       "APIKey" : {
@@ -11590,6 +11596,9 @@
           "expires_at" : {
             "format" : "date-time",
             "type" : "string"
+          },
+          "scope" : {
+            "$ref" : "#/components/schemas/APIKeyScope"
           }
         },
         "required" : [ "expires_at", "name" ]