diff --git a/CHANGELOG.md b/CHANGELOG.md
index 52f5c07ab3..8b71f6540d 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -132,7 +132,6 @@
 - Fix: モデレーションログがモデレーターは閲覧できないように修正
 - Fix: ハッシュタグのトレンド除外設定が即時に効果を持つように修正
 - Fix: HTTP Digestヘッダのアルゴリズム部分に大文字の"SHA-256"しか使えない
-- Fix: 管理者用APIのアクセス権限が適切に設定されていない問題を修正
 
 ## 2023.11.1
 
diff --git a/locales/index.d.ts b/locales/index.d.ts
index b3589082e1..89bdddbdcf 100644
--- a/locales/index.d.ts
+++ b/locales/index.d.ts
@@ -2066,6 +2066,55 @@ export interface Locale {
         "write:flash": string;
         "read:flash-likes": string;
         "write:flash-likes": string;
+        "read:admin:abuse-user-reports": string;
+        "write:admin:delete-account": string;
+        "write:admin:delete-all-files-of-a-user": string;
+        "read:admin:index-stats": string;
+        "read:admin:table-stats": string;
+        "read:admin:user-ips": string;
+        "read:admin:meta": string;
+        "write:admin:reset-password": string;
+        "write:admin:resolve-abuse-user-report": string;
+        "write:admin:send-email": string;
+        "read:admin:server-info": string;
+        "read:admin:show-moderation-log": string;
+        "read:admin:show-user": string;
+        "read:admin:show-users": string;
+        "write:admin:suspend-user": string;
+        "write:admin:unset-user-avatar": string;
+        "write:admin:unset-user-banner": string;
+        "write:admin:unsuspend-user": string;
+        "write:admin:meta": string;
+        "write:admin:user-note": string;
+        "write:admin:roles": string;
+        "read:admin:roles": string;
+        "write:admin:relays": string;
+        "read:admin:relays": string;
+        "write:admin:invite-codes": string;
+        "read:admin:invite-codes": string;
+        "write:admin:announcements": string;
+        "read:admin:announcements": string;
+        "write:admin:avatar-decorations": string;
+        "read:admin:avatar-decorations": string;
+        "write:admin:federation": string;
+        "write:admin:account": string;
+        "read:admin:account": string;
+        "write:admin:emoji": string;
+        "read:admin:emoji": string;
+        "write:admin:queue": string;
+        "read:admin:queue": string;
+        "write:admin:promo": string;
+        "write:admin:drive": string;
+        "read:admin:drive": string;
+        "read:admin:stream": string;
+        "write:admin:ad": string;
+        "read:admin:ad": string;
+        "write:invite-codes": string;
+        "read:invite-codes": string;
+        "write:clip-favorite": string;
+        "read:clip-favorite": string;
+        "read:federation": string;
+        "write:report-abuse": string;
     };
     "_auth": {
         "shareAccessTitle": string;
diff --git a/locales/ja-JP.yml b/locales/ja-JP.yml
index b59fb6e749..7bc5889297 100644
--- a/locales/ja-JP.yml
+++ b/locales/ja-JP.yml
@@ -1971,6 +1971,55 @@ _permissions:
   "write:flash": "Playを操作する"
   "read:flash-likes": "Playのいいねを見る"
   "write:flash-likes": "Playのいいねを操作する"
+  "read:admin:abuse-user-reports": "ユーザーからの通報を見る"
+  "write:admin:delete-account": "ユーザーアカウントを削除する"
+  "write:admin:delete-all-files-of-a-user": "ユーザーのすべてのファイルを削除する"
+  "read:admin:index-stats": "データベースインデックスに関する情報を見る"
+  "read:admin:table-stats": "データベーステーブルに関する情報を見る"
+  "read:admin:user-ips": "ユーザーのIPアドレスを見る"
+  "read:admin:meta": "インスタンスのメタデータを見る"
+  "write:admin:reset-password": "ユーザーのパスワードをリセットする"
+  "write:admin:resolve-abuse-user-report": "ユーザーからの通報を解決する"
+  "write:admin:send-email": "メールを送る"
+  "read:admin:server-info": "サーバーの情報を見る"
+  "read:admin:show-moderation-log": "モデレーションログを見る"
+  "read:admin:show-user": "ユーザーのプライベートな情報を見る"
+  "read:admin:show-users": "ユーザーのプライベートな情報を見る"
+  "write:admin:suspend-user": "ユーザーを凍結する"
+  "write:admin:unset-user-avatar": "ユーザーのアバターを削除する"
+  "write:admin:unset-user-banner": "ユーザーのバーナーを削除する"
+  "write:admin:unsuspend-user": "ユーザーの凍結を解除する"
+  "write:admin:meta": "インスタンスのメタデータを操作する"
+  "write:admin:user-note": "モデレーションノートを操作する"
+  "write:admin:roles": "ロールを操作する"
+  "read:admin:roles": "ロールを見る"
+  "write:admin:relays": "リレーを操作する"
+  "read:admin:relays": "リレーを見る"
+  "write:admin:invite-codes": "招待コードを操作する"
+  "read:admin:invite-codes": "招待コードを見る"
+  "write:admin:announcements": "お知らせを操作する"
+  "read:admin:announcements": "お知らせを見る"
+  "write:admin:avatar-decorations": "アバターデコレーションを操作する"
+  "read:admin:avatar-decorations": "アバターデコレーションを見る"
+  "write:admin:federation": "連合に関する情報を操作する"
+  "write:admin:account": "ユーザーアカウントを操作する"
+  "read:admin:account": "ユーザーに関する情報を見る"
+  "write:admin:emoji": "絵文字を操作する"
+  "read:admin:emoji": "絵文字を見る"
+  "write:admin:queue": "ジョブキューを操作する"
+  "read:admin:queue": "ジョブキューに関する情報を見る"
+  "write:admin:promo": "プロモーションノートを操作する"
+  "write:admin:drive": "ユーザーのドライブを操作する"
+  "read:admin:drive": "ユーザーのドライブの関する情報を見る"
+  "read:admin:stream": "管理者用のWebsocket APIを使う"
+  "write:admin:ad": "広告を操作する"
+  "read:admin:ad": "広告を見る"
+  "write:invite-codes": "招待コードを作成する"
+  "read:invite-codes": "招待コードを取得する"
+  "write:clip-favorite": "クリップのいいねを操作する"
+  "read:clip-favorite": "クリップのいいねを見る"
+  "read:federation": "連合に関する情報を取得する"
+  "write:report-abuse": "違反を報告する"
 
 _auth:
   shareAccessTitle: "アプリへのアクセス許可"
diff --git a/packages/backend/src/misc/api-permissions.ts b/packages/backend/src/misc/api-permissions.ts
deleted file mode 100644
index 57c9308844..0000000000
--- a/packages/backend/src/misc/api-permissions.ts
+++ /dev/null
@@ -1,40 +0,0 @@
-/*
- * SPDX-FileCopyrightText: syuilo and other misskey contributors
- * SPDX-License-Identifier: AGPL-3.0-only
- */
-
-export const kinds = [
-	'read:account',
-	'write:account',
-	'read:blocks',
-	'write:blocks',
-	'read:drive',
-	'write:drive',
-	'read:favorites',
-	'write:favorites',
-	'read:following',
-	'write:following',
-	'read:messaging',
-	'write:messaging',
-	'read:mutes',
-	'write:mutes',
-	'write:notes',
-	'read:notifications',
-	'write:notifications',
-	'read:reactions',
-	'write:reactions',
-	'write:votes',
-	'read:pages',
-	'write:pages',
-	'write:page-likes',
-	'read:page-likes',
-	'read:user-groups',
-	'write:user-groups',
-	'read:channels',
-	'write:channels',
-	'read:gallery',
-	'write:gallery',
-	'read:gallery-likes',
-	'write:gallery-likes',
-];
-// IF YOU ADD KINDS(PERMISSIONS), YOU MUST ADD TRANSLATIONS (under _permissions).
diff --git a/packages/backend/src/server/api/ApiCallService.ts b/packages/backend/src/server/api/ApiCallService.ts
index 66f171a5d8..56f804dee8 100644
--- a/packages/backend/src/server/api/ApiCallService.ts
+++ b/packages/backend/src/server/api/ApiCallService.ts
@@ -330,7 +330,8 @@ export class ApiCallService implements OnApplicationShutdown {
 			}
 		}
 
-		if (token && ep.meta.kind && !token.permission.some(p => p === ep.meta.kind)) {
+		if (token && ((ep.meta.kind && !token.permission.some(p => p === ep.meta.kind))
+			|| (!ep.meta.kind && (ep.meta.requireCredential || ep.meta.requireModerator || ep.meta.requireAdmin)))) {
 			throw new ApiError({
 				message: 'Your app does not have the necessary permissions to use this endpoint.',
 				code: 'PERMISSION_DENIED',
diff --git a/packages/backend/src/server/api/StreamingApiServerService.ts b/packages/backend/src/server/api/StreamingApiServerService.ts
index dc3a00617c..3b387d92ca 100644
--- a/packages/backend/src/server/api/StreamingApiServerService.ts
+++ b/packages/backend/src/server/api/StreamingApiServerService.ts
@@ -71,6 +71,10 @@ export class StreamingApiServerService {
 
 			try {
 				[user, app] = await this.authenticateService.authenticate(token);
+
+				if (app !== null && !app.permission.some(p => p === 'read:account')) {
+					throw new AuthenticationError('Your app does not have necessary permissions to use websocket API.');
+				}
 			} catch (e) {
 				if (e instanceof AuthenticationError) {
 					socket.write([
diff --git a/packages/backend/src/server/api/endpoints.ts b/packages/backend/src/server/api/endpoints.ts
index e458d720ab..41232091c6 100644
--- a/packages/backend/src/server/api/endpoints.ts
+++ b/packages/backend/src/server/api/endpoints.ts
@@ -4,6 +4,7 @@
  */
 
 import type { Schema } from '@/misc/json-schema.js';
+import { permissions } from 'misskey-js';
 import { RolePolicies } from '@/core/RoleService.js';
 
 import * as ep___admin_meta from './endpoints/admin/meta.js';
@@ -724,7 +725,7 @@ const eps = [
 	['retention', ep___retention],
 ];
 
-export interface IEndpointMeta {
+interface IEndpointMetaBase {
 	readonly stability?: 'deprecated' | 'experimental' | 'stable';
 
 	readonly tags?: ReadonlyArray<string>;
@@ -823,6 +824,23 @@ export interface IEndpointMeta {
 	readonly cacheSec?: number;
 }
 
+export type IEndpointMeta = (Omit<IEndpointMetaBase, 'requireCrential' | 'requireModerator' | 'requireAdmin'> & {
+	requireCredential?: false,
+	requireAdmin?: false,
+	requireModerator?: false,
+}) | (Omit<IEndpointMetaBase, 'secure'> & {
+	secure: true,
+}) | (Omit<IEndpointMetaBase, 'requireCredential' | 'kind'> & {
+	requireCredential: true,
+	kind: (typeof permissions)[number],
+}) | (Omit<IEndpointMetaBase, 'requireModerator' | 'kind'> & {
+	requireModerator: true,
+	kind: (typeof permissions)[number],
+}) | (Omit<IEndpointMetaBase, 'requireAdmin' | 'kind'> & {
+	requireAdmin: true,
+	kind: (typeof permissions)[number],
+})
+
 export interface IEndpoint {
 	name: string;
 	meta: IEndpointMeta;
diff --git a/packages/backend/src/server/api/endpoints/admin/abuse-user-reports.ts b/packages/backend/src/server/api/endpoints/admin/abuse-user-reports.ts
index 484118cd46..3484d6707a 100644
--- a/packages/backend/src/server/api/endpoints/admin/abuse-user-reports.ts
+++ b/packages/backend/src/server/api/endpoints/admin/abuse-user-reports.ts
@@ -13,10 +13,9 @@ import { AbuseUserReportEntityService } from '@/core/entities/AbuseUserReportEnt
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'read:admin',
-
 	requireCredential: true,
 	requireModerator: true,
+	kind: 'read:admin:abuse-user-reports',
 
 	res: {
 		type: 'array',
diff --git a/packages/backend/src/server/api/endpoints/admin/accounts/create.ts b/packages/backend/src/server/api/endpoints/admin/accounts/create.ts
index 07f24d2995..a2f9bf6945 100644
--- a/packages/backend/src/server/api/endpoints/admin/accounts/create.ts
+++ b/packages/backend/src/server/api/endpoints/admin/accounts/create.ts
@@ -15,7 +15,7 @@ import { DI } from '@/di-symbols.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'write:admin',
+	secure: true,
 
 	res: {
 		type: 'object',
diff --git a/packages/backend/src/server/api/endpoints/admin/accounts/delete.ts b/packages/backend/src/server/api/endpoints/admin/accounts/delete.ts
index 86f4b0709b..52d8c8ce18 100644
--- a/packages/backend/src/server/api/endpoints/admin/accounts/delete.ts
+++ b/packages/backend/src/server/api/endpoints/admin/accounts/delete.ts
@@ -14,10 +14,9 @@ import { UserEntityService } from '@/core/entities/UserEntityService.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireAdmin: true,
+	kind: 'write:admin:account',
 } as const;
 
 export const paramDef = {
diff --git a/packages/backend/src/server/api/endpoints/admin/accounts/find-by-email.ts b/packages/backend/src/server/api/endpoints/admin/accounts/find-by-email.ts
index bc292fd53a..93673453d6 100644
--- a/packages/backend/src/server/api/endpoints/admin/accounts/find-by-email.ts
+++ b/packages/backend/src/server/api/endpoints/admin/accounts/find-by-email.ts
@@ -13,10 +13,9 @@ import { ApiError } from '@/server/api/error.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'read:admin',
-
 	requireCredential: true,
 	requireAdmin: true,
+	kind: 'read:admin:account',
 
 	errors: {
 		userNotFound: {
diff --git a/packages/backend/src/server/api/endpoints/admin/ad/create.ts b/packages/backend/src/server/api/endpoints/admin/ad/create.ts
index 087ae4befc..041b10f9f7 100644
--- a/packages/backend/src/server/api/endpoints/admin/ad/create.ts
+++ b/packages/backend/src/server/api/endpoints/admin/ad/create.ts
@@ -13,10 +13,9 @@ import { ModerationLogService } from '@/core/ModerationLogService.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireModerator: true,
+	kind: 'write:admin:ad',
 	res: {
 		type: 'object',
 		optional: false,
diff --git a/packages/backend/src/server/api/endpoints/admin/ad/delete.ts b/packages/backend/src/server/api/endpoints/admin/ad/delete.ts
index ba655a6aa3..5b18b347d3 100644
--- a/packages/backend/src/server/api/endpoints/admin/ad/delete.ts
+++ b/packages/backend/src/server/api/endpoints/admin/ad/delete.ts
@@ -13,10 +13,9 @@ import { ApiError } from '../../../error.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireModerator: true,
+	kind: 'write:admin:ad',
 
 	errors: {
 		noSuchAd: {
diff --git a/packages/backend/src/server/api/endpoints/admin/ad/list.ts b/packages/backend/src/server/api/endpoints/admin/ad/list.ts
index 12528917dc..586c1f44db 100644
--- a/packages/backend/src/server/api/endpoints/admin/ad/list.ts
+++ b/packages/backend/src/server/api/endpoints/admin/ad/list.ts
@@ -12,10 +12,9 @@ import { DI } from '@/di-symbols.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'read:admin',
-
 	requireCredential: true,
 	requireModerator: true,
+	kind: 'read:admin:ad',
 	res: {
 		type: 'array',
 		optional: false,
diff --git a/packages/backend/src/server/api/endpoints/admin/ad/update.ts b/packages/backend/src/server/api/endpoints/admin/ad/update.ts
index b83c163004..bf96e44b0c 100644
--- a/packages/backend/src/server/api/endpoints/admin/ad/update.ts
+++ b/packages/backend/src/server/api/endpoints/admin/ad/update.ts
@@ -13,10 +13,9 @@ import { ApiError } from '../../../error.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireModerator: true,
+	kind: 'write:admin:ad',
 
 	errors: {
 		noSuchAd: {
diff --git a/packages/backend/src/server/api/endpoints/admin/announcements/create.ts b/packages/backend/src/server/api/endpoints/admin/announcements/create.ts
index fb432336e4..c9df70c76b 100644
--- a/packages/backend/src/server/api/endpoints/admin/announcements/create.ts
+++ b/packages/backend/src/server/api/endpoints/admin/announcements/create.ts
@@ -10,10 +10,9 @@ import { AnnouncementService } from '@/core/AnnouncementService.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireModerator: true,
+	kind: 'write:admin:announcements',
 
 	res: {
 		type: 'object',
diff --git a/packages/backend/src/server/api/endpoints/admin/announcements/delete.ts b/packages/backend/src/server/api/endpoints/admin/announcements/delete.ts
index e84e63c666..939333345e 100644
--- a/packages/backend/src/server/api/endpoints/admin/announcements/delete.ts
+++ b/packages/backend/src/server/api/endpoints/admin/announcements/delete.ts
@@ -13,10 +13,9 @@ import { ApiError } from '../../../error.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireModerator: true,
+	kind: 'write:admin:announcements',
 
 	errors: {
 		noSuchAnnouncement: {
diff --git a/packages/backend/src/server/api/endpoints/admin/announcements/list.ts b/packages/backend/src/server/api/endpoints/admin/announcements/list.ts
index e98ef0b169..429b138599 100644
--- a/packages/backend/src/server/api/endpoints/admin/announcements/list.ts
+++ b/packages/backend/src/server/api/endpoints/admin/announcements/list.ts
@@ -14,10 +14,9 @@ import { IdService } from '@/core/IdService.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'read:admin',
-
 	requireCredential: true,
 	requireModerator: true,
+	kind: 'read:admin:announcements',
 
 	res: {
 		type: 'array',
diff --git a/packages/backend/src/server/api/endpoints/admin/announcements/update.ts b/packages/backend/src/server/api/endpoints/admin/announcements/update.ts
index e2ec344899..db6db8356d 100644
--- a/packages/backend/src/server/api/endpoints/admin/announcements/update.ts
+++ b/packages/backend/src/server/api/endpoints/admin/announcements/update.ts
@@ -13,10 +13,9 @@ import { ApiError } from '../../../error.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireModerator: true,
+	kind: 'write:admin:announcements',
 
 	errors: {
 		noSuchAnnouncement: {
diff --git a/packages/backend/src/server/api/endpoints/admin/avatar-decorations/create.ts b/packages/backend/src/server/api/endpoints/admin/avatar-decorations/create.ts
index 158435ed21..4ac74253cc 100644
--- a/packages/backend/src/server/api/endpoints/admin/avatar-decorations/create.ts
+++ b/packages/backend/src/server/api/endpoints/admin/avatar-decorations/create.ts
@@ -10,10 +10,9 @@ import { AvatarDecorationService } from '@/core/AvatarDecorationService.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireRolePolicy: 'canManageAvatarDecorations',
+	kind: 'write:admin:avatar-decorations',
 } as const;
 
 export const paramDef = {
diff --git a/packages/backend/src/server/api/endpoints/admin/avatar-decorations/delete.ts b/packages/backend/src/server/api/endpoints/admin/avatar-decorations/delete.ts
index 06083cc180..88977f801a 100644
--- a/packages/backend/src/server/api/endpoints/admin/avatar-decorations/delete.ts
+++ b/packages/backend/src/server/api/endpoints/admin/avatar-decorations/delete.ts
@@ -12,10 +12,9 @@ import { ApiError } from '../../../error.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireRolePolicy: 'canManageAvatarDecorations',
+	kind: 'write:admin:avatar-decorations',
 	errors: {
 	},
 } as const;
diff --git a/packages/backend/src/server/api/endpoints/admin/avatar-decorations/list.ts b/packages/backend/src/server/api/endpoints/admin/avatar-decorations/list.ts
index 49a8718bce..33122c3eef 100644
--- a/packages/backend/src/server/api/endpoints/admin/avatar-decorations/list.ts
+++ b/packages/backend/src/server/api/endpoints/admin/avatar-decorations/list.ts
@@ -15,10 +15,9 @@ import { AvatarDecorationService } from '@/core/AvatarDecorationService.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'read:admin',
-
 	requireCredential: true,
 	requireRolePolicy: 'canManageAvatarDecorations',
+	kind: 'read:admin:avatar-decorations',
 
 	res: {
 		type: 'array',
diff --git a/packages/backend/src/server/api/endpoints/admin/avatar-decorations/update.ts b/packages/backend/src/server/api/endpoints/admin/avatar-decorations/update.ts
index 3d8f3d63de..6211345f96 100644
--- a/packages/backend/src/server/api/endpoints/admin/avatar-decorations/update.ts
+++ b/packages/backend/src/server/api/endpoints/admin/avatar-decorations/update.ts
@@ -12,10 +12,9 @@ import { ApiError } from '../../../error.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireRolePolicy: 'canManageAvatarDecorations',
+	kind: 'write:admin:avatar-decorations',
 
 	errors: {
 	},
diff --git a/packages/backend/src/server/api/endpoints/admin/delete-account.ts b/packages/backend/src/server/api/endpoints/admin/delete-account.ts
index adc446d14b..2c82c2879d 100644
--- a/packages/backend/src/server/api/endpoints/admin/delete-account.ts
+++ b/packages/backend/src/server/api/endpoints/admin/delete-account.ts
@@ -12,10 +12,9 @@ import { DI } from '@/di-symbols.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireAdmin: true,
+	kind: 'write:admin:delete-account',
 
 	res: {
 	},
diff --git a/packages/backend/src/server/api/endpoints/admin/delete-all-files-of-a-user.ts b/packages/backend/src/server/api/endpoints/admin/delete-all-files-of-a-user.ts
index 1fdbbfb12e..7d33065f2e 100644
--- a/packages/backend/src/server/api/endpoints/admin/delete-all-files-of-a-user.ts
+++ b/packages/backend/src/server/api/endpoints/admin/delete-all-files-of-a-user.ts
@@ -12,10 +12,9 @@ import { DI } from '@/di-symbols.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireAdmin: true,
+	kind: 'write:admin:delete-all-files-of-a-user',
 } as const;
 
 export const paramDef = {
diff --git a/packages/backend/src/server/api/endpoints/admin/drive/clean-remote-files.ts b/packages/backend/src/server/api/endpoints/admin/drive/clean-remote-files.ts
index 3f23319a5f..af2bb6b1ca 100644
--- a/packages/backend/src/server/api/endpoints/admin/drive/clean-remote-files.ts
+++ b/packages/backend/src/server/api/endpoints/admin/drive/clean-remote-files.ts
@@ -10,10 +10,9 @@ import { QueueService } from '@/core/QueueService.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireModerator: true,
+	kind: 'write:admin:drive',
 } as const;
 
 export const paramDef = {
diff --git a/packages/backend/src/server/api/endpoints/admin/drive/cleanup.ts b/packages/backend/src/server/api/endpoints/admin/drive/cleanup.ts
index fd8fa46a47..a3b221284b 100644
--- a/packages/backend/src/server/api/endpoints/admin/drive/cleanup.ts
+++ b/packages/backend/src/server/api/endpoints/admin/drive/cleanup.ts
@@ -13,10 +13,9 @@ import { DI } from '@/di-symbols.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireModerator: true,
+	kind: 'write:admin:drive',
 } as const;
 
 export const paramDef = {
diff --git a/packages/backend/src/server/api/endpoints/admin/drive/files.ts b/packages/backend/src/server/api/endpoints/admin/drive/files.ts
index 816bbfbc45..37fa439bcf 100644
--- a/packages/backend/src/server/api/endpoints/admin/drive/files.ts
+++ b/packages/backend/src/server/api/endpoints/admin/drive/files.ts
@@ -13,10 +13,9 @@ import { DriveFileEntityService } from '@/core/entities/DriveFileEntityService.j
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'read:admin',
-
 	requireCredential: true,
 	requireModerator: true,
+	kind: 'read:admin:drive',
 
 	res: {
 		type: 'array',
diff --git a/packages/backend/src/server/api/endpoints/admin/drive/show-file.ts b/packages/backend/src/server/api/endpoints/admin/drive/show-file.ts
index 61cb843558..3aeb3e45e3 100644
--- a/packages/backend/src/server/api/endpoints/admin/drive/show-file.ts
+++ b/packages/backend/src/server/api/endpoints/admin/drive/show-file.ts
@@ -14,10 +14,9 @@ import { ApiError } from '../../../error.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'read:admin',
-
 	requireCredential: true,
 	requireModerator: true,
+	kind: 'read:admin:drive',
 
 	errors: {
 		noSuchFile: {
diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/add-aliases-bulk.ts b/packages/backend/src/server/api/endpoints/admin/emoji/add-aliases-bulk.ts
index 5333adb624..1cd8125c52 100644
--- a/packages/backend/src/server/api/endpoints/admin/emoji/add-aliases-bulk.ts
+++ b/packages/backend/src/server/api/endpoints/admin/emoji/add-aliases-bulk.ts
@@ -10,10 +10,9 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireRolePolicy: 'canManageCustomEmojis',
+	kind: 'write:admin:emoji',
 } as const;
 
 export const paramDef = {
diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/add.ts b/packages/backend/src/server/api/endpoints/admin/emoji/add.ts
index 76ff1c6b94..4a9418d051 100644
--- a/packages/backend/src/server/api/endpoints/admin/emoji/add.ts
+++ b/packages/backend/src/server/api/endpoints/admin/emoji/add.ts
@@ -14,10 +14,9 @@ import { ApiError } from '../../../error.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireRolePolicy: 'canManageCustomEmojis',
+	kind: 'write:admin:emoji',
 
 	errors: {
 		noSuchFile: {
diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/copy.ts b/packages/backend/src/server/api/endpoints/admin/emoji/copy.ts
index 87260faa43..476780b23f 100644
--- a/packages/backend/src/server/api/endpoints/admin/emoji/copy.ts
+++ b/packages/backend/src/server/api/endpoints/admin/emoji/copy.ts
@@ -16,10 +16,9 @@ import { ApiError } from '../../../error.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireRolePolicy: 'canManageCustomEmojis',
+	kind: 'write:admin:emoji',
 
 	errors: {
 		noSuchEmoji: {
diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/delete-bulk.ts b/packages/backend/src/server/api/endpoints/admin/emoji/delete-bulk.ts
index c483794a40..450695984a 100644
--- a/packages/backend/src/server/api/endpoints/admin/emoji/delete-bulk.ts
+++ b/packages/backend/src/server/api/endpoints/admin/emoji/delete-bulk.ts
@@ -10,10 +10,9 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireRolePolicy: 'canManageCustomEmojis',
+	kind: 'write:admin:emoji',
 } as const;
 
 export const paramDef = {
diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/delete.ts b/packages/backend/src/server/api/endpoints/admin/emoji/delete.ts
index e15af7717b..e1e6e7c2c4 100644
--- a/packages/backend/src/server/api/endpoints/admin/emoji/delete.ts
+++ b/packages/backend/src/server/api/endpoints/admin/emoji/delete.ts
@@ -10,10 +10,9 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireRolePolicy: 'canManageCustomEmojis',
+	kind: 'write:admin:emoji',
 
 	errors: {
 		noSuchEmoji: {
diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/import-zip.ts b/packages/backend/src/server/api/endpoints/admin/emoji/import-zip.ts
index b75616f3cc..208616c0ac 100644
--- a/packages/backend/src/server/api/endpoints/admin/emoji/import-zip.ts
+++ b/packages/backend/src/server/api/endpoints/admin/emoji/import-zip.ts
@@ -8,7 +8,7 @@ import { Endpoint } from '@/server/api/endpoint-base.js';
 import { QueueService } from '@/core/QueueService.js';
 
 export const meta = {
-	kind: 'write:admin',
+	secure: true,
 	requireCredential: true,
 	requireRolePolicy: 'canManageCustomEmojis',
 } as const;
diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/list-remote.ts b/packages/backend/src/server/api/endpoints/admin/emoji/list-remote.ts
index a383e09338..f3e0c1ef1f 100644
--- a/packages/backend/src/server/api/endpoints/admin/emoji/list-remote.ts
+++ b/packages/backend/src/server/api/endpoints/admin/emoji/list-remote.ts
@@ -15,10 +15,9 @@ import { sqlLikeEscape } from '@/misc/sql-like-escape.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'read:admin',
-
 	requireCredential: true,
 	requireRolePolicy: 'canManageCustomEmojis',
+	kind: 'read:admin:emoji',
 
 	res: {
 		type: 'array',
diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/list.ts b/packages/backend/src/server/api/endpoints/admin/emoji/list.ts
index 210b3639c3..59e87253f6 100644
--- a/packages/backend/src/server/api/endpoints/admin/emoji/list.ts
+++ b/packages/backend/src/server/api/endpoints/admin/emoji/list.ts
@@ -15,10 +15,9 @@ import { EmojiEntityService } from '@/core/entities/EmojiEntityService.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'read:admin',
-
 	requireCredential: true,
 	requireRolePolicy: 'canManageCustomEmojis',
+	kind: 'read:admin:emoji',
 
 	res: {
 		type: 'array',
diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/remove-aliases-bulk.ts b/packages/backend/src/server/api/endpoints/admin/emoji/remove-aliases-bulk.ts
index 8e92db1daf..26dd43e926 100644
--- a/packages/backend/src/server/api/endpoints/admin/emoji/remove-aliases-bulk.ts
+++ b/packages/backend/src/server/api/endpoints/admin/emoji/remove-aliases-bulk.ts
@@ -10,10 +10,9 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireRolePolicy: 'canManageCustomEmojis',
+	kind: 'write:admin:emoji',
 } as const;
 
 export const paramDef = {
diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/set-aliases-bulk.ts b/packages/backend/src/server/api/endpoints/admin/emoji/set-aliases-bulk.ts
index 5a06b5b32f..18961976f9 100644
--- a/packages/backend/src/server/api/endpoints/admin/emoji/set-aliases-bulk.ts
+++ b/packages/backend/src/server/api/endpoints/admin/emoji/set-aliases-bulk.ts
@@ -10,10 +10,9 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireRolePolicy: 'canManageCustomEmojis',
+	kind: 'write:admin:emoji',
 } as const;
 
 export const paramDef = {
diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/set-category-bulk.ts b/packages/backend/src/server/api/endpoints/admin/emoji/set-category-bulk.ts
index b3e9c6df13..c680f2e2d4 100644
--- a/packages/backend/src/server/api/endpoints/admin/emoji/set-category-bulk.ts
+++ b/packages/backend/src/server/api/endpoints/admin/emoji/set-category-bulk.ts
@@ -10,10 +10,9 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireRolePolicy: 'canManageCustomEmojis',
+	kind: 'write:admin:emoji',
 } as const;
 
 export const paramDef = {
diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/set-license-bulk.ts b/packages/backend/src/server/api/endpoints/admin/emoji/set-license-bulk.ts
index c59d13ad16..47c692b613 100644
--- a/packages/backend/src/server/api/endpoints/admin/emoji/set-license-bulk.ts
+++ b/packages/backend/src/server/api/endpoints/admin/emoji/set-license-bulk.ts
@@ -10,10 +10,9 @@ import { CustomEmojiService } from '@/core/CustomEmojiService.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireRolePolicy: 'canManageCustomEmojis',
+	kind: 'write:admin:emoji',
 } as const;
 
 export const paramDef = {
diff --git a/packages/backend/src/server/api/endpoints/admin/emoji/update.ts b/packages/backend/src/server/api/endpoints/admin/emoji/update.ts
index 61d857b7b0..550bb0052b 100644
--- a/packages/backend/src/server/api/endpoints/admin/emoji/update.ts
+++ b/packages/backend/src/server/api/endpoints/admin/emoji/update.ts
@@ -13,10 +13,9 @@ import { ApiError } from '../../../error.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'read:admin',
-
 	requireCredential: true,
 	requireRolePolicy: 'canManageCustomEmojis',
+	kind: 'write:admin:emoji',
 
 	errors: {
 		noSuchEmoji: {
diff --git a/packages/backend/src/server/api/endpoints/admin/federation/delete-all-files.ts b/packages/backend/src/server/api/endpoints/admin/federation/delete-all-files.ts
index b81297413c..57612850b4 100644
--- a/packages/backend/src/server/api/endpoints/admin/federation/delete-all-files.ts
+++ b/packages/backend/src/server/api/endpoints/admin/federation/delete-all-files.ts
@@ -12,10 +12,9 @@ import { DI } from '@/di-symbols.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireModerator: true,
+	kind: 'write:admin:federation',
 } as const;
 
 export const paramDef = {
diff --git a/packages/backend/src/server/api/endpoints/admin/federation/refresh-remote-instance-metadata.ts b/packages/backend/src/server/api/endpoints/admin/federation/refresh-remote-instance-metadata.ts
index 6cc4e3087f..0d061c685f 100644
--- a/packages/backend/src/server/api/endpoints/admin/federation/refresh-remote-instance-metadata.ts
+++ b/packages/backend/src/server/api/endpoints/admin/federation/refresh-remote-instance-metadata.ts
@@ -13,10 +13,9 @@ import { DI } from '@/di-symbols.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireModerator: true,
+	kind: 'write:admin:federation',
 } as const;
 
 export const paramDef = {
diff --git a/packages/backend/src/server/api/endpoints/admin/federation/remove-all-following.ts b/packages/backend/src/server/api/endpoints/admin/federation/remove-all-following.ts
index 18884dfca6..c15fb83454 100644
--- a/packages/backend/src/server/api/endpoints/admin/federation/remove-all-following.ts
+++ b/packages/backend/src/server/api/endpoints/admin/federation/remove-all-following.ts
@@ -12,10 +12,9 @@ import { QueueService } from '@/core/QueueService.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireModerator: true,
+	kind: 'write:admin:federation',
 } as const;
 
 export const paramDef = {
diff --git a/packages/backend/src/server/api/endpoints/admin/federation/update-instance.ts b/packages/backend/src/server/api/endpoints/admin/federation/update-instance.ts
index 4232d42ba5..f429949e16 100644
--- a/packages/backend/src/server/api/endpoints/admin/federation/update-instance.ts
+++ b/packages/backend/src/server/api/endpoints/admin/federation/update-instance.ts
@@ -14,10 +14,9 @@ import { ModerationLogService } from '@/core/ModerationLogService.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireModerator: true,
+	kind: 'write:admin:federation',
 } as const;
 
 export const paramDef = {
diff --git a/packages/backend/src/server/api/endpoints/admin/get-index-stats.ts b/packages/backend/src/server/api/endpoints/admin/get-index-stats.ts
index b81d9857d7..0b50212119 100644
--- a/packages/backend/src/server/api/endpoints/admin/get-index-stats.ts
+++ b/packages/backend/src/server/api/endpoints/admin/get-index-stats.ts
@@ -11,8 +11,7 @@ import { DI } from '@/di-symbols.js';
 export const meta = {
 	requireCredential: true,
 	requireAdmin: true,
-
-	kind: 'read:admin',
+	kind: 'read:admin:index-stats',
 
 	tags: ['admin'],
 	res: {
diff --git a/packages/backend/src/server/api/endpoints/admin/get-table-stats.ts b/packages/backend/src/server/api/endpoints/admin/get-table-stats.ts
index c104f653ef..0d44b288cb 100644
--- a/packages/backend/src/server/api/endpoints/admin/get-table-stats.ts
+++ b/packages/backend/src/server/api/endpoints/admin/get-table-stats.ts
@@ -11,8 +11,7 @@ import { DI } from '@/di-symbols.js';
 export const meta = {
 	requireCredential: true,
 	requireAdmin: true,
-
-	kind: 'read:admin',
+	kind: 'read:admin:table-stats',
 
 	tags: ['admin'],
 
diff --git a/packages/backend/src/server/api/endpoints/admin/get-user-ips.ts b/packages/backend/src/server/api/endpoints/admin/get-user-ips.ts
index 76c32f2a9f..1b437f718b 100644
--- a/packages/backend/src/server/api/endpoints/admin/get-user-ips.ts
+++ b/packages/backend/src/server/api/endpoints/admin/get-user-ips.ts
@@ -12,10 +12,9 @@ import { IdService } from '@/core/IdService.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'read:admin',
-
 	requireCredential: true,
 	requireModerator: true,
+	kind: 'read:admin:user-ips',
 	res: {
 		type: 'array',
 		optional: false,
@@ -34,7 +33,7 @@ export const meta = {
 				},
 			},
 		},
-	}
+	},
 } as const;
 
 export const paramDef = {
diff --git a/packages/backend/src/server/api/endpoints/admin/invite/create.ts b/packages/backend/src/server/api/endpoints/admin/invite/create.ts
index 96de772edc..396b84623f 100644
--- a/packages/backend/src/server/api/endpoints/admin/invite/create.ts
+++ b/packages/backend/src/server/api/endpoints/admin/invite/create.ts
@@ -16,10 +16,9 @@ import { ApiError } from '../../../error.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireModerator: true,
+	kind: 'write:admin:invite-codes',
 
 	errors: {
 		invalidDateTime: {
diff --git a/packages/backend/src/server/api/endpoints/admin/invite/list.ts b/packages/backend/src/server/api/endpoints/admin/invite/list.ts
index 3b7dc72e11..d293dcadc6 100644
--- a/packages/backend/src/server/api/endpoints/admin/invite/list.ts
+++ b/packages/backend/src/server/api/endpoints/admin/invite/list.ts
@@ -12,10 +12,9 @@ import { DI } from '@/di-symbols.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireModerator: true,
+	kind: 'read:admin:invite-codes',
 
 	res: {
 		type: 'array',
diff --git a/packages/backend/src/server/api/endpoints/admin/meta.ts b/packages/backend/src/server/api/endpoints/admin/meta.ts
index eef27b9721..febc4ab1b1 100644
--- a/packages/backend/src/server/api/endpoints/admin/meta.ts
+++ b/packages/backend/src/server/api/endpoints/admin/meta.ts
@@ -13,10 +13,9 @@ import { DEFAULT_POLICIES } from '@/core/RoleService.js';
 export const meta = {
 	tags: ['meta'],
 
-	kind: 'read:admin',
-
 	requireCredential: true,
 	requireAdmin: true,
+	kind: 'read:admin:meta',
 
 	res: {
 		type: 'object',
diff --git a/packages/backend/src/server/api/endpoints/admin/promo/create.ts b/packages/backend/src/server/api/endpoints/admin/promo/create.ts
index e2befec50f..ab69dfba96 100644
--- a/packages/backend/src/server/api/endpoints/admin/promo/create.ts
+++ b/packages/backend/src/server/api/endpoints/admin/promo/create.ts
@@ -13,10 +13,9 @@ import { ApiError } from '../../../error.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireModerator: true,
+	kind: 'write:admin:promo',
 
 	errors: {
 		noSuchNote: {
diff --git a/packages/backend/src/server/api/endpoints/admin/queue/clear.ts b/packages/backend/src/server/api/endpoints/admin/queue/clear.ts
index 1d565e8f24..9912043c8b 100644
--- a/packages/backend/src/server/api/endpoints/admin/queue/clear.ts
+++ b/packages/backend/src/server/api/endpoints/admin/queue/clear.ts
@@ -11,10 +11,9 @@ import { QueueService } from '@/core/QueueService.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireModerator: true,
+	kind: 'write:admin:queue',
 } as const;
 
 export const paramDef = {
diff --git a/packages/backend/src/server/api/endpoints/admin/queue/deliver-delayed.ts b/packages/backend/src/server/api/endpoints/admin/queue/deliver-delayed.ts
index 30005fc666..8473909103 100644
--- a/packages/backend/src/server/api/endpoints/admin/queue/deliver-delayed.ts
+++ b/packages/backend/src/server/api/endpoints/admin/queue/deliver-delayed.ts
@@ -11,10 +11,9 @@ import type { DeliverQueue } from '@/core/QueueModule.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireModerator: true,
+	kind: 'read:admin:queue',
 
 	res: {
 		type: 'array',
diff --git a/packages/backend/src/server/api/endpoints/admin/queue/inbox-delayed.ts b/packages/backend/src/server/api/endpoints/admin/queue/inbox-delayed.ts
index aa8b6edee5..19f7cb85c0 100644
--- a/packages/backend/src/server/api/endpoints/admin/queue/inbox-delayed.ts
+++ b/packages/backend/src/server/api/endpoints/admin/queue/inbox-delayed.ts
@@ -11,10 +11,9 @@ import type { InboxQueue } from '@/core/QueueModule.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireModerator: true,
+	kind: 'read:admin:queue',
 
 	res: {
 		type: 'array',
diff --git a/packages/backend/src/server/api/endpoints/admin/queue/promote.ts b/packages/backend/src/server/api/endpoints/admin/queue/promote.ts
index 8f46cd6375..d06780e044 100644
--- a/packages/backend/src/server/api/endpoints/admin/queue/promote.ts
+++ b/packages/backend/src/server/api/endpoints/admin/queue/promote.ts
@@ -11,10 +11,9 @@ import { QueueService } from '@/core/QueueService.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireModerator: true,
+	kind: 'write:admin:queue',
 } as const;
 
 export const paramDef = {
diff --git a/packages/backend/src/server/api/endpoints/admin/queue/stats.ts b/packages/backend/src/server/api/endpoints/admin/queue/stats.ts
index 1d92e2bf86..189690b703 100644
--- a/packages/backend/src/server/api/endpoints/admin/queue/stats.ts
+++ b/packages/backend/src/server/api/endpoints/admin/queue/stats.ts
@@ -10,10 +10,9 @@ import type { DbQueue, DeliverQueue, EndedPollNotificationQueue, InboxQueue, Obj
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'read:admin',
-
 	requireCredential: true,
 	requireModerator: true,
+	kind: 'read:admin:emoji',
 
 	res: {
 		type: 'object',
diff --git a/packages/backend/src/server/api/endpoints/admin/relays/add.ts b/packages/backend/src/server/api/endpoints/admin/relays/add.ts
index 53b83560cf..d55dff7b0c 100644
--- a/packages/backend/src/server/api/endpoints/admin/relays/add.ts
+++ b/packages/backend/src/server/api/endpoints/admin/relays/add.ts
@@ -12,10 +12,9 @@ import { ApiError } from '../../../error.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireModerator: true,
+	kind: 'write:admin:relays',
 
 	errors: {
 		invalidUrl: {
diff --git a/packages/backend/src/server/api/endpoints/admin/relays/list.ts b/packages/backend/src/server/api/endpoints/admin/relays/list.ts
index 35c8e05487..61ea287bff 100644
--- a/packages/backend/src/server/api/endpoints/admin/relays/list.ts
+++ b/packages/backend/src/server/api/endpoints/admin/relays/list.ts
@@ -10,10 +10,9 @@ import { RelayService } from '@/core/RelayService.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'read:admin',
-
 	requireCredential: true,
 	requireModerator: true,
+	kind: 'read:admin:relays',
 
 	res: {
 		type: 'array',
diff --git a/packages/backend/src/server/api/endpoints/admin/relays/remove.ts b/packages/backend/src/server/api/endpoints/admin/relays/remove.ts
index fdc53cb708..8a6dd4e152 100644
--- a/packages/backend/src/server/api/endpoints/admin/relays/remove.ts
+++ b/packages/backend/src/server/api/endpoints/admin/relays/remove.ts
@@ -10,10 +10,9 @@ import { RelayService } from '@/core/RelayService.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireModerator: true,
+	kind: 'write:admin:relays',
 } as const;
 
 export const paramDef = {
diff --git a/packages/backend/src/server/api/endpoints/admin/reset-password.ts b/packages/backend/src/server/api/endpoints/admin/reset-password.ts
index 73bbd1f091..1a402b4a4a 100644
--- a/packages/backend/src/server/api/endpoints/admin/reset-password.ts
+++ b/packages/backend/src/server/api/endpoints/admin/reset-password.ts
@@ -14,10 +14,9 @@ import { ModerationLogService } from '@/core/ModerationLogService.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireModerator: true,
+	kind: 'write:admin:reset-password',
 
 	res: {
 		type: 'object',
diff --git a/packages/backend/src/server/api/endpoints/admin/resolve-abuse-user-report.ts b/packages/backend/src/server/api/endpoints/admin/resolve-abuse-user-report.ts
index fb26c82a9d..26c4038b98 100644
--- a/packages/backend/src/server/api/endpoints/admin/resolve-abuse-user-report.ts
+++ b/packages/backend/src/server/api/endpoints/admin/resolve-abuse-user-report.ts
@@ -15,10 +15,9 @@ import { ModerationLogService } from '@/core/ModerationLogService.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireModerator: true,
+	kind: 'write:admin:resolve-abuse-user-report',
 } as const;
 
 export const paramDef = {
diff --git a/packages/backend/src/server/api/endpoints/admin/roles/assign.ts b/packages/backend/src/server/api/endpoints/admin/roles/assign.ts
index bbd4cfabbe..8eb3d2bf59 100644
--- a/packages/backend/src/server/api/endpoints/admin/roles/assign.ts
+++ b/packages/backend/src/server/api/endpoints/admin/roles/assign.ts
@@ -13,10 +13,9 @@ import { RoleService } from '@/core/RoleService.js';
 export const meta = {
 	tags: ['admin', 'role'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireModerator: true,
+	kind: 'write:admin:roles',
 
 	errors: {
 		noSuchRole: {
diff --git a/packages/backend/src/server/api/endpoints/admin/roles/create.ts b/packages/backend/src/server/api/endpoints/admin/roles/create.ts
index ac6085d921..de23d2fb11 100644
--- a/packages/backend/src/server/api/endpoints/admin/roles/create.ts
+++ b/packages/backend/src/server/api/endpoints/admin/roles/create.ts
@@ -11,10 +11,9 @@ import { RoleService } from '@/core/RoleService.js';
 export const meta = {
 	tags: ['admin', 'role'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireAdmin: true,
+	kind: 'write:admin:roles',
 
 	res: {
 		type: 'object',
diff --git a/packages/backend/src/server/api/endpoints/admin/roles/delete.ts b/packages/backend/src/server/api/endpoints/admin/roles/delete.ts
index f60d6754a5..9e2968e317 100644
--- a/packages/backend/src/server/api/endpoints/admin/roles/delete.ts
+++ b/packages/backend/src/server/api/endpoints/admin/roles/delete.ts
@@ -13,10 +13,9 @@ import { RoleService } from '@/core/RoleService.js';
 export const meta = {
 	tags: ['admin', 'role'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireAdmin: true,
+	kind: 'write:admin:roles',
 
 	errors: {
 		noSuchRole: {
diff --git a/packages/backend/src/server/api/endpoints/admin/roles/list.ts b/packages/backend/src/server/api/endpoints/admin/roles/list.ts
index 30917ce984..d3d1a10a69 100644
--- a/packages/backend/src/server/api/endpoints/admin/roles/list.ts
+++ b/packages/backend/src/server/api/endpoints/admin/roles/list.ts
@@ -12,10 +12,9 @@ import { RoleEntityService } from '@/core/entities/RoleEntityService.js';
 export const meta = {
 	tags: ['admin', 'role'],
 
-	kind: 'read:admin',
-
 	requireCredential: true,
 	requireModerator: true,
+	kind: 'read:admin:roles',
 
 	res: {
 		type: 'array',
diff --git a/packages/backend/src/server/api/endpoints/admin/roles/show.ts b/packages/backend/src/server/api/endpoints/admin/roles/show.ts
index 91e32d95be..ad4345e5a5 100644
--- a/packages/backend/src/server/api/endpoints/admin/roles/show.ts
+++ b/packages/backend/src/server/api/endpoints/admin/roles/show.ts
@@ -13,10 +13,9 @@ import { RoleEntityService } from '@/core/entities/RoleEntityService.js';
 export const meta = {
 	tags: ['admin', 'role'],
 
-	kind: 'read:admin',
-
 	requireCredential: true,
 	requireModerator: true,
+	kind: 'read:admin:roles',
 
 	errors: {
 		noSuchRole: {
diff --git a/packages/backend/src/server/api/endpoints/admin/roles/unassign.ts b/packages/backend/src/server/api/endpoints/admin/roles/unassign.ts
index 701fea1ed5..c11265252c 100644
--- a/packages/backend/src/server/api/endpoints/admin/roles/unassign.ts
+++ b/packages/backend/src/server/api/endpoints/admin/roles/unassign.ts
@@ -13,10 +13,9 @@ import { RoleService } from '@/core/RoleService.js';
 export const meta = {
 	tags: ['admin', 'role'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireModerator: true,
+	kind: 'write:admin:roles',
 
 	errors: {
 		noSuchRole: {
diff --git a/packages/backend/src/server/api/endpoints/admin/roles/update-default-policies.ts b/packages/backend/src/server/api/endpoints/admin/roles/update-default-policies.ts
index 066fc73234..203f749a6e 100644
--- a/packages/backend/src/server/api/endpoints/admin/roles/update-default-policies.ts
+++ b/packages/backend/src/server/api/endpoints/admin/roles/update-default-policies.ts
@@ -11,10 +11,9 @@ import { MetaService } from '@/core/MetaService.js';
 export const meta = {
 	tags: ['admin', 'role'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireAdmin: true,
+	kind: 'write:admin:roles',
 } as const;
 
 export const paramDef = {
diff --git a/packages/backend/src/server/api/endpoints/admin/roles/update.ts b/packages/backend/src/server/api/endpoints/admin/roles/update.ts
index 6cfcd8ca4a..74d5aae5d8 100644
--- a/packages/backend/src/server/api/endpoints/admin/roles/update.ts
+++ b/packages/backend/src/server/api/endpoints/admin/roles/update.ts
@@ -14,10 +14,9 @@ import { RoleService } from '@/core/RoleService.js';
 export const meta = {
 	tags: ['admin', 'role'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireAdmin: true,
+	kind: 'write:admin:roles',
 
 	errors: {
 		noSuchRole: {
diff --git a/packages/backend/src/server/api/endpoints/admin/roles/users.ts b/packages/backend/src/server/api/endpoints/admin/roles/users.ts
index 6a0f7f9987..66f4d9d26b 100644
--- a/packages/backend/src/server/api/endpoints/admin/roles/users.ts
+++ b/packages/backend/src/server/api/endpoints/admin/roles/users.ts
@@ -16,10 +16,9 @@ import { ApiError } from '../../../error.js';
 export const meta = {
 	tags: ['admin', 'role', 'users'],
 
-	kind: 'read:admin',
-
 	requireCredential: false,
 	requireAdmin: true,
+	kind: 'read:admin:roles',
 
 	errors: {
 		noSuchRole: {
diff --git a/packages/backend/src/server/api/endpoints/admin/send-email.ts b/packages/backend/src/server/api/endpoints/admin/send-email.ts
index d22066909e..d20aee656c 100644
--- a/packages/backend/src/server/api/endpoints/admin/send-email.ts
+++ b/packages/backend/src/server/api/endpoints/admin/send-email.ts
@@ -10,10 +10,9 @@ import { EmailService } from '@/core/EmailService.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireModerator: true,
+	kind: 'write:admin:send-email',
 } as const;
 
 export const paramDef = {
diff --git a/packages/backend/src/server/api/endpoints/admin/server-info.ts b/packages/backend/src/server/api/endpoints/admin/server-info.ts
index d3c3bebff6..374712f57d 100644
--- a/packages/backend/src/server/api/endpoints/admin/server-info.ts
+++ b/packages/backend/src/server/api/endpoints/admin/server-info.ts
@@ -14,11 +14,10 @@ import { DI } from '@/di-symbols.js';
 export const meta = {
 	requireCredential: true,
 	requireModerator: true,
+	kind: 'read:admin:server-info',
 
 	tags: ['admin', 'meta'],
 
-	kind: 'read:admin',
-
 	res: {
 		type: 'object',
 		optional: false, nullable: false,
diff --git a/packages/backend/src/server/api/endpoints/admin/show-moderation-logs.ts b/packages/backend/src/server/api/endpoints/admin/show-moderation-logs.ts
index c82532ed67..f3601be9bb 100644
--- a/packages/backend/src/server/api/endpoints/admin/show-moderation-logs.ts
+++ b/packages/backend/src/server/api/endpoints/admin/show-moderation-logs.ts
@@ -15,8 +15,7 @@ export const meta = {
 
 	requireCredential: true,
 	requireAdmin: true,
-
-	kind: 'read:admin',
+	kind: 'read:admin:show-moderation-log',
 
 	res: {
 		type: 'array',
diff --git a/packages/backend/src/server/api/endpoints/admin/show-user.ts b/packages/backend/src/server/api/endpoints/admin/show-user.ts
index f1e7b75a32..2b50354cef 100644
--- a/packages/backend/src/server/api/endpoints/admin/show-user.ts
+++ b/packages/backend/src/server/api/endpoints/admin/show-user.ts
@@ -16,8 +16,7 @@ export const meta = {
 
 	requireCredential: true,
 	requireModerator: true,
-
-	kind: 'read:admin',
+	kind: 'read:admin:show-user',
 
 	res: {
 		type: 'object',
diff --git a/packages/backend/src/server/api/endpoints/admin/show-users.ts b/packages/backend/src/server/api/endpoints/admin/show-users.ts
index 5081383687..1d31e5e80f 100644
--- a/packages/backend/src/server/api/endpoints/admin/show-users.ts
+++ b/packages/backend/src/server/api/endpoints/admin/show-users.ts
@@ -16,8 +16,7 @@ export const meta = {
 
 	requireCredential: true,
 	requireModerator: true,
-
-	kind: 'read:admin',
+	kind: 'read:admin:show-users',
 
 	res: {
 		type: 'array',
diff --git a/packages/backend/src/server/api/endpoints/admin/suspend-user.ts b/packages/backend/src/server/api/endpoints/admin/suspend-user.ts
index 35c3f37481..a26fa81c13 100644
--- a/packages/backend/src/server/api/endpoints/admin/suspend-user.ts
+++ b/packages/backend/src/server/api/endpoints/admin/suspend-user.ts
@@ -19,10 +19,9 @@ import { QueueService } from '@/core/QueueService.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireModerator: true,
+	kind: 'write:admin:suspend-user',
 } as const;
 
 export const paramDef = {
diff --git a/packages/backend/src/server/api/endpoints/admin/unset-user-avatar.ts b/packages/backend/src/server/api/endpoints/admin/unset-user-avatar.ts
index 2309493937..8b22fad1d4 100644
--- a/packages/backend/src/server/api/endpoints/admin/unset-user-avatar.ts
+++ b/packages/backend/src/server/api/endpoints/admin/unset-user-avatar.ts
@@ -12,10 +12,9 @@ import { ModerationLogService } from '@/core/ModerationLogService.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireModerator: true,
+	kind: 'write:admin:unset-user-avatar',
 } as const;
 
 export const paramDef = {
diff --git a/packages/backend/src/server/api/endpoints/admin/unset-user-banner.ts b/packages/backend/src/server/api/endpoints/admin/unset-user-banner.ts
index 468c634e5b..5ec359c0ef 100644
--- a/packages/backend/src/server/api/endpoints/admin/unset-user-banner.ts
+++ b/packages/backend/src/server/api/endpoints/admin/unset-user-banner.ts
@@ -12,10 +12,9 @@ import { ModerationLogService } from '@/core/ModerationLogService.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireModerator: true,
+	kind: 'write:admin:unset-user-banner',
 } as const;
 
 export const paramDef = {
diff --git a/packages/backend/src/server/api/endpoints/admin/unsuspend-user.ts b/packages/backend/src/server/api/endpoints/admin/unsuspend-user.ts
index 8cdd317eae..9c896f0e64 100644
--- a/packages/backend/src/server/api/endpoints/admin/unsuspend-user.ts
+++ b/packages/backend/src/server/api/endpoints/admin/unsuspend-user.ts
@@ -13,10 +13,9 @@ import { DI } from '@/di-symbols.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireModerator: true,
+	kind: 'write:admin:unsuspend-user',
 } as const;
 
 export const paramDef = {
diff --git a/packages/backend/src/server/api/endpoints/admin/update-meta.ts b/packages/backend/src/server/api/endpoints/admin/update-meta.ts
index 5f9de0523e..5a215696fb 100644
--- a/packages/backend/src/server/api/endpoints/admin/update-meta.ts
+++ b/packages/backend/src/server/api/endpoints/admin/update-meta.ts
@@ -12,10 +12,9 @@ import { MetaService } from '@/core/MetaService.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireAdmin: true,
+	kind: 'write:admin:meta',
 } as const;
 
 export const paramDef = {
diff --git a/packages/backend/src/server/api/endpoints/admin/update-user-note.ts b/packages/backend/src/server/api/endpoints/admin/update-user-note.ts
index dd0b777373..e582147e72 100644
--- a/packages/backend/src/server/api/endpoints/admin/update-user-note.ts
+++ b/packages/backend/src/server/api/endpoints/admin/update-user-note.ts
@@ -12,10 +12,9 @@ import { ModerationLogService } from '@/core/ModerationLogService.js';
 export const meta = {
 	tags: ['admin'],
 
-	kind: 'write:admin',
-
 	requireCredential: true,
 	requireModerator: true,
+	kind: 'write:admin:user-note',
 } as const;
 
 export const paramDef = {
diff --git a/packages/backend/src/server/api/endpoints/ap/get.ts b/packages/backend/src/server/api/endpoints/ap/get.ts
index a4a7fd2037..e0ef5d413a 100644
--- a/packages/backend/src/server/api/endpoints/ap/get.ts
+++ b/packages/backend/src/server/api/endpoints/ap/get.ts
@@ -12,6 +12,7 @@ export const meta = {
 	tags: ['federation'],
 
 	requireCredential: true,
+	kind: 'read:federation',
 
 	limit: {
 		duration: ms('1hour'),
diff --git a/packages/backend/src/server/api/endpoints/ap/show.ts b/packages/backend/src/server/api/endpoints/ap/show.ts
index f442fbdd2f..7e5c7a917c 100644
--- a/packages/backend/src/server/api/endpoints/ap/show.ts
+++ b/packages/backend/src/server/api/endpoints/ap/show.ts
@@ -25,6 +25,7 @@ export const meta = {
 	tags: ['federation'],
 
 	requireCredential: true,
+	kind: 'read:account',
 
 	limit: {
 		duration: ms('1hour'),
diff --git a/packages/backend/src/server/api/endpoints/federation/update-remote-user.ts b/packages/backend/src/server/api/endpoints/federation/update-remote-user.ts
index c0aa882088..e6198ff601 100644
--- a/packages/backend/src/server/api/endpoints/federation/update-remote-user.ts
+++ b/packages/backend/src/server/api/endpoints/federation/update-remote-user.ts
@@ -11,7 +11,7 @@ import { GetterService } from '@/server/api/GetterService.js';
 export const meta = {
 	tags: ['federation'],
 
-	requireCredential: true,
+	requireCredential: false,
 } as const;
 
 export const paramDef = {
diff --git a/packages/backend/src/server/api/endpoints/fetch-external-resources.ts b/packages/backend/src/server/api/endpoints/fetch-external-resources.ts
index 6391a2f580..cbe579eb6b 100644
--- a/packages/backend/src/server/api/endpoints/fetch-external-resources.ts
+++ b/packages/backend/src/server/api/endpoints/fetch-external-resources.ts
@@ -14,6 +14,7 @@ export const meta = {
 	tags: ['meta'],
 
 	requireCredential: true,
+	secure: true,
 
 	limit: {
 		duration: ms('1hour'),
diff --git a/packages/backend/src/server/api/endpoints/i.ts b/packages/backend/src/server/api/endpoints/i.ts
index c0530bf392..c24e049180 100644
--- a/packages/backend/src/server/api/endpoints/i.ts
+++ b/packages/backend/src/server/api/endpoints/i.ts
@@ -14,6 +14,7 @@ export const meta = {
 	tags: ['account'],
 
 	requireCredential: true,
+	kind: "read:account",
 
 	res: {
 		type: 'object',
diff --git a/packages/backend/src/server/api/endpoints/i/claim-achievement.ts b/packages/backend/src/server/api/endpoints/i/claim-achievement.ts
index b24b3438dc..57f680bd7e 100644
--- a/packages/backend/src/server/api/endpoints/i/claim-achievement.ts
+++ b/packages/backend/src/server/api/endpoints/i/claim-achievement.ts
@@ -10,6 +10,7 @@ import { AchievementService, ACHIEVEMENT_TYPES } from '@/core/AchievementService
 export const meta = {
 	requireCredential: true,
 	prohibitMoved: true,
+	kind: 'write:account',
 } as const;
 
 export const paramDef = {
diff --git a/packages/backend/src/server/api/endpoints/i/registry/get-all.ts b/packages/backend/src/server/api/endpoints/i/registry/get-all.ts
index bd6e85a074..79a81cb73f 100644
--- a/packages/backend/src/server/api/endpoints/i/registry/get-all.ts
+++ b/packages/backend/src/server/api/endpoints/i/registry/get-all.ts
@@ -9,6 +9,7 @@ import { RegistryApiService } from '@/core/RegistryApiService.js';
 
 export const meta = {
 	requireCredential: true,
+	kind: 'read:account',
 
 	res: {
 		type: 'object',
diff --git a/packages/backend/src/server/api/endpoints/i/registry/get-detail.ts b/packages/backend/src/server/api/endpoints/i/registry/get-detail.ts
index 2352beb130..d9b26cab2c 100644
--- a/packages/backend/src/server/api/endpoints/i/registry/get-detail.ts
+++ b/packages/backend/src/server/api/endpoints/i/registry/get-detail.ts
@@ -10,6 +10,7 @@ import { ApiError } from '../../../error.js';
 
 export const meta = {
 	requireCredential: true,
+	kind: 'read:account',
 
 	errors: {
 		noSuchKey: {
diff --git a/packages/backend/src/server/api/endpoints/i/registry/get.ts b/packages/backend/src/server/api/endpoints/i/registry/get.ts
index 4155a43e0d..c373410256 100644
--- a/packages/backend/src/server/api/endpoints/i/registry/get.ts
+++ b/packages/backend/src/server/api/endpoints/i/registry/get.ts
@@ -10,6 +10,7 @@ import { ApiError } from '../../../error.js';
 
 export const meta = {
 	requireCredential: true,
+	kind: 'read:account',
 
 	errors: {
 		noSuchKey: {
diff --git a/packages/backend/src/server/api/endpoints/i/registry/keys-with-type.ts b/packages/backend/src/server/api/endpoints/i/registry/keys-with-type.ts
index b411cdd3d9..a91dcd9543 100644
--- a/packages/backend/src/server/api/endpoints/i/registry/keys-with-type.ts
+++ b/packages/backend/src/server/api/endpoints/i/registry/keys-with-type.ts
@@ -9,6 +9,7 @@ import { RegistryApiService } from '@/core/RegistryApiService.js';
 
 export const meta = {
 	requireCredential: true,
+	kind: 'read:account',
 
 	res: {
 		type: 'object',
diff --git a/packages/backend/src/server/api/endpoints/i/registry/keys.ts b/packages/backend/src/server/api/endpoints/i/registry/keys.ts
index 04e120d752..ad203d5203 100644
--- a/packages/backend/src/server/api/endpoints/i/registry/keys.ts
+++ b/packages/backend/src/server/api/endpoints/i/registry/keys.ts
@@ -9,6 +9,7 @@ import { RegistryApiService } from '@/core/RegistryApiService.js';
 
 export const meta = {
 	requireCredential: true,
+	kind: 'read:account',
 } as const;
 
 export const paramDef = {
diff --git a/packages/backend/src/server/api/endpoints/i/registry/remove.ts b/packages/backend/src/server/api/endpoints/i/registry/remove.ts
index ba8100b547..9cbe271b91 100644
--- a/packages/backend/src/server/api/endpoints/i/registry/remove.ts
+++ b/packages/backend/src/server/api/endpoints/i/registry/remove.ts
@@ -12,6 +12,7 @@ import { ApiError } from '../../../error.js';
 
 export const meta = {
 	requireCredential: true,
+	kind: 'write:account',
 
 	errors: {
 		noSuchKey: {
diff --git a/packages/backend/src/server/api/endpoints/i/registry/set.ts b/packages/backend/src/server/api/endpoints/i/registry/set.ts
index 58bb450bce..c61d5b8727 100644
--- a/packages/backend/src/server/api/endpoints/i/registry/set.ts
+++ b/packages/backend/src/server/api/endpoints/i/registry/set.ts
@@ -9,6 +9,7 @@ import { RegistryApiService } from '@/core/RegistryApiService.js';
 
 export const meta = {
 	requireCredential: true,
+	kind: 'write:account',
 } as const;
 
 export const paramDef = {
diff --git a/packages/backend/src/server/api/endpoints/invite/create.ts b/packages/backend/src/server/api/endpoints/invite/create.ts
index d82fa50e4f..4f37f2f4bb 100644
--- a/packages/backend/src/server/api/endpoints/invite/create.ts
+++ b/packages/backend/src/server/api/endpoints/invite/create.ts
@@ -19,6 +19,7 @@ export const meta = {
 
 	requireCredential: true,
 	requireRolePolicy: 'canInvite',
+	kind: 'write:invite-codes',
 
 	errors: {
 		exceededCreateLimit: {
diff --git a/packages/backend/src/server/api/endpoints/invite/delete.ts b/packages/backend/src/server/api/endpoints/invite/delete.ts
index 3b57775739..d84430a49f 100644
--- a/packages/backend/src/server/api/endpoints/invite/delete.ts
+++ b/packages/backend/src/server/api/endpoints/invite/delete.ts
@@ -15,6 +15,7 @@ export const meta = {
 
 	requireCredential: true,
 	requireRolePolicy: 'canInvite',
+	kind: 'write:invite-codes',
 
 	errors: {
 		noSuchCode: {
diff --git a/packages/backend/src/server/api/endpoints/invite/limit.ts b/packages/backend/src/server/api/endpoints/invite/limit.ts
index 1f4190c948..fc3bb9bdc2 100644
--- a/packages/backend/src/server/api/endpoints/invite/limit.ts
+++ b/packages/backend/src/server/api/endpoints/invite/limit.ts
@@ -16,6 +16,7 @@ export const meta = {
 
 	requireCredential: true,
 	requireRolePolicy: 'canInvite',
+	kind: 'read:invite-codes',
 
 	res: {
 		type: 'object',
diff --git a/packages/backend/src/server/api/endpoints/invite/list.ts b/packages/backend/src/server/api/endpoints/invite/list.ts
index 2107516ce4..6734f27e14 100644
--- a/packages/backend/src/server/api/endpoints/invite/list.ts
+++ b/packages/backend/src/server/api/endpoints/invite/list.ts
@@ -15,6 +15,7 @@ export const meta = {
 
 	requireCredential: true,
 	requireRolePolicy: 'canInvite',
+	kind: 'read:invite-codes',
 
 	res: {
 		type: 'array',
diff --git a/packages/backend/src/server/api/endpoints/my/apps.ts b/packages/backend/src/server/api/endpoints/my/apps.ts
index 98c317346f..1b70b85b07 100644
--- a/packages/backend/src/server/api/endpoints/my/apps.ts
+++ b/packages/backend/src/server/api/endpoints/my/apps.ts
@@ -13,6 +13,7 @@ export const meta = {
 	tags: ['account', 'app'],
 
 	requireCredential: true,
+	kind: 'read:account',
 
 	res: {
 		type: 'array',
diff --git a/packages/backend/src/server/api/endpoints/notes/hybrid-timeline.ts b/packages/backend/src/server/api/endpoints/notes/hybrid-timeline.ts
index effcbaf2ee..01adfec7d3 100644
--- a/packages/backend/src/server/api/endpoints/notes/hybrid-timeline.ts
+++ b/packages/backend/src/server/api/endpoints/notes/hybrid-timeline.ts
@@ -25,6 +25,7 @@ export const meta = {
 	tags: ['notes'],
 
 	requireCredential: true,
+	kind: 'read:account',
 
 	res: {
 		type: 'array',
diff --git a/packages/backend/src/server/api/endpoints/notes/mentions.ts b/packages/backend/src/server/api/endpoints/notes/mentions.ts
index 6fab024d17..2317f8f7b2 100644
--- a/packages/backend/src/server/api/endpoints/notes/mentions.ts
+++ b/packages/backend/src/server/api/endpoints/notes/mentions.ts
@@ -16,6 +16,7 @@ export const meta = {
 	tags: ['notes'],
 
 	requireCredential: true,
+	kind: 'read:account',
 
 	res: {
 		type: 'array',
diff --git a/packages/backend/src/server/api/endpoints/notes/polls/recommendation.ts b/packages/backend/src/server/api/endpoints/notes/polls/recommendation.ts
index af7ff8bdcd..90af29a695 100644
--- a/packages/backend/src/server/api/endpoints/notes/polls/recommendation.ts
+++ b/packages/backend/src/server/api/endpoints/notes/polls/recommendation.ts
@@ -14,6 +14,7 @@ export const meta = {
 	tags: ['notes'],
 
 	requireCredential: true,
+	kind: 'read:account',
 
 	res: {
 		type: 'array',
diff --git a/packages/backend/src/server/api/endpoints/notes/state.ts b/packages/backend/src/server/api/endpoints/notes/state.ts
index b5fd47723c..20faea566d 100644
--- a/packages/backend/src/server/api/endpoints/notes/state.ts
+++ b/packages/backend/src/server/api/endpoints/notes/state.ts
@@ -12,6 +12,7 @@ export const meta = {
 	tags: ['notes'],
 
 	requireCredential: true,
+	kind: 'read:account',
 
 	res: {
 		type: 'object',
diff --git a/packages/backend/src/server/api/endpoints/notes/timeline.ts b/packages/backend/src/server/api/endpoints/notes/timeline.ts
index 790bcbe151..e90d6ec198 100644
--- a/packages/backend/src/server/api/endpoints/notes/timeline.ts
+++ b/packages/backend/src/server/api/endpoints/notes/timeline.ts
@@ -22,6 +22,7 @@ export const meta = {
 	tags: ['notes'],
 
 	requireCredential: true,
+	kind: 'read:account',
 
 	res: {
 		type: 'array',
diff --git a/packages/backend/src/server/api/endpoints/notes/translate.ts b/packages/backend/src/server/api/endpoints/notes/translate.ts
index d46bd69795..698c37b616 100644
--- a/packages/backend/src/server/api/endpoints/notes/translate.ts
+++ b/packages/backend/src/server/api/endpoints/notes/translate.ts
@@ -17,6 +17,7 @@ export const meta = {
 	tags: ['notes'],
 
 	requireCredential: true,
+	kind: 'read:account',
 
 	res: {
 		type: 'object',
diff --git a/packages/backend/src/server/api/endpoints/notes/user-list-timeline.ts b/packages/backend/src/server/api/endpoints/notes/user-list-timeline.ts
index 10d3a7a697..71c2b8054e 100644
--- a/packages/backend/src/server/api/endpoints/notes/user-list-timeline.ts
+++ b/packages/backend/src/server/api/endpoints/notes/user-list-timeline.ts
@@ -22,6 +22,7 @@ export const meta = {
 	tags: ['notes', 'lists'],
 
 	requireCredential: true,
+	kind: 'read:account',
 
 	res: {
 		type: 'array',
diff --git a/packages/backend/src/server/api/endpoints/promo/read.ts b/packages/backend/src/server/api/endpoints/promo/read.ts
index 7d07c92178..f427939a7a 100644
--- a/packages/backend/src/server/api/endpoints/promo/read.ts
+++ b/packages/backend/src/server/api/endpoints/promo/read.ts
@@ -15,6 +15,7 @@ export const meta = {
 	tags: ['notes'],
 
 	requireCredential: true,
+	kind: 'write:account',
 
 	errors: {
 		noSuchNote: {
diff --git a/packages/backend/src/server/api/endpoints/roles/list.ts b/packages/backend/src/server/api/endpoints/roles/list.ts
index dc2be8e11d..d40e937d4e 100644
--- a/packages/backend/src/server/api/endpoints/roles/list.ts
+++ b/packages/backend/src/server/api/endpoints/roles/list.ts
@@ -13,6 +13,7 @@ export const meta = {
 	tags: ['role'],
 
 	requireCredential: true,
+	kind: 'read:account',
 
 	res: {
 		type: 'array',
diff --git a/packages/backend/src/server/api/endpoints/roles/notes.ts b/packages/backend/src/server/api/endpoints/roles/notes.ts
index 7010df22c9..4ce3fc8908 100644
--- a/packages/backend/src/server/api/endpoints/roles/notes.ts
+++ b/packages/backend/src/server/api/endpoints/roles/notes.ts
@@ -18,6 +18,7 @@ export const meta = {
 	tags: ['role', 'notes'],
 
 	requireCredential: true,
+	kind: 'read:account',
 
 	errors: {
 		noSuchRole: {
diff --git a/packages/backend/src/server/api/endpoints/sw/register.ts b/packages/backend/src/server/api/endpoints/sw/register.ts
index 9ab062326d..bb50048d94 100644
--- a/packages/backend/src/server/api/endpoints/sw/register.ts
+++ b/packages/backend/src/server/api/endpoints/sw/register.ts
@@ -14,6 +14,7 @@ export const meta = {
 	tags: ['account'],
 
 	requireCredential: true,
+	secure: true,
 
 	description: 'Register to receive push notifications.',
 
diff --git a/packages/backend/src/server/api/endpoints/sw/show-registration.ts b/packages/backend/src/server/api/endpoints/sw/show-registration.ts
index 126299e3f7..15d3df8587 100644
--- a/packages/backend/src/server/api/endpoints/sw/show-registration.ts
+++ b/packages/backend/src/server/api/endpoints/sw/show-registration.ts
@@ -12,6 +12,7 @@ export const meta = {
 	tags: ['account'],
 
 	requireCredential: true,
+	secure: true,
 
 	description: 'Check push notification registration exists.',
 
diff --git a/packages/backend/src/server/api/endpoints/sw/update-registration.ts b/packages/backend/src/server/api/endpoints/sw/update-registration.ts
index a1a97df0be..7bf59784a2 100644
--- a/packages/backend/src/server/api/endpoints/sw/update-registration.ts
+++ b/packages/backend/src/server/api/endpoints/sw/update-registration.ts
@@ -13,6 +13,7 @@ export const meta = {
 	tags: ['account'],
 
 	requireCredential: true,
+	secure: true,
 
 	description: 'Update push notification registration.',
 
diff --git a/packages/backend/src/server/api/endpoints/users/achievements.ts b/packages/backend/src/server/api/endpoints/users/achievements.ts
index d6ad718dfa..3a584a819a 100644
--- a/packages/backend/src/server/api/endpoints/users/achievements.ts
+++ b/packages/backend/src/server/api/endpoints/users/achievements.ts
@@ -9,7 +9,7 @@ import type { UserProfilesRepository } from '@/models/_.js';
 import { DI } from '@/di-symbols.js';
 
 export const meta = {
-	requireCredential: true,
+	requireCredential: false,
 
 	res: {
 		type: 'array',
@@ -24,7 +24,7 @@ export const meta = {
 				},
 			},
 		},
-	}
+	},
 } as const;
 
 export const paramDef = {
diff --git a/packages/backend/src/server/api/endpoints/users/lists/create-from-public.ts b/packages/backend/src/server/api/endpoints/users/lists/create-from-public.ts
index 4eb37c3e43..fa2e3338b8 100644
--- a/packages/backend/src/server/api/endpoints/users/lists/create-from-public.ts
+++ b/packages/backend/src/server/api/endpoints/users/lists/create-from-public.ts
@@ -18,6 +18,7 @@ import { UserListService } from '@/core/UserListService.js';
 export const meta = {
 	requireCredential: true,
 	prohibitMoved: true,
+	kind: 'write:account',
 	res: {
 		type: 'object',
 		optional: false, nullable: false,
diff --git a/packages/backend/src/server/api/endpoints/users/lists/favorite.ts b/packages/backend/src/server/api/endpoints/users/lists/favorite.ts
index 2ecf0a1256..864cdc2ee0 100644
--- a/packages/backend/src/server/api/endpoints/users/lists/favorite.ts
+++ b/packages/backend/src/server/api/endpoints/users/lists/favorite.ts
@@ -12,6 +12,7 @@ import { DI } from '@/di-symbols.js';
 
 export const meta = {
 	requireCredential: true,
+	kind: 'write:account',
 	errors: {
 		noSuchList: {
 			message: 'No such user list.',
diff --git a/packages/backend/src/server/api/endpoints/users/lists/unfavorite.ts b/packages/backend/src/server/api/endpoints/users/lists/unfavorite.ts
index 23611ab8c4..d51d57343e 100644
--- a/packages/backend/src/server/api/endpoints/users/lists/unfavorite.ts
+++ b/packages/backend/src/server/api/endpoints/users/lists/unfavorite.ts
@@ -11,6 +11,7 @@ import { DI } from '@/di-symbols.js';
 
 export const meta = {
 	requireCredential: true,
+	kind: 'write:account',
 	errors: {
 		noSuchList: {
 			message: 'No such user list.',
diff --git a/packages/backend/src/server/api/endpoints/users/relation.ts b/packages/backend/src/server/api/endpoints/users/relation.ts
index 326042ed3d..26b61c9fb2 100644
--- a/packages/backend/src/server/api/endpoints/users/relation.ts
+++ b/packages/backend/src/server/api/endpoints/users/relation.ts
@@ -11,6 +11,7 @@ export const meta = {
 	tags: ['users'],
 
 	requireCredential: true,
+	kind: 'read:account',
 
 	description: 'Show the different kinds of relations between the authenticated user and the specified user(s).',
 
diff --git a/packages/backend/src/server/api/endpoints/users/report-abuse.ts b/packages/backend/src/server/api/endpoints/users/report-abuse.ts
index 3bcf44cc42..508497ccfb 100644
--- a/packages/backend/src/server/api/endpoints/users/report-abuse.ts
+++ b/packages/backend/src/server/api/endpoints/users/report-abuse.ts
@@ -20,6 +20,7 @@ export const meta = {
 	tags: ['users'],
 
 	requireCredential: true,
+	kind: 'write:report-abuse',
 
 	description: 'File a report.',
 
diff --git a/packages/backend/src/server/api/stream/ChannelsService.ts b/packages/backend/src/server/api/stream/ChannelsService.ts
index 8fd106c10c..3bc5380132 100644
--- a/packages/backend/src/server/api/stream/ChannelsService.ts
+++ b/packages/backend/src/server/api/stream/ChannelsService.ts
@@ -19,6 +19,7 @@ import { AntennaChannelService } from './channels/antenna.js';
 import { DriveChannelService } from './channels/drive.js';
 import { HashtagChannelService } from './channels/hashtag.js';
 import { RoleTimelineChannelService } from './channels/role-timeline.js';
+import { type MiChannelService } from './channel.js';
 
 @Injectable()
 export class ChannelsService {
@@ -41,7 +42,7 @@ export class ChannelsService {
 	}
 
 	@bindThis
-	public getChannelService(name: string) {
+	public getChannelService(name: string): MiChannelService<boolean> {
 		switch (name) {
 			case 'main': return this.mainChannelService;
 			case 'homeTimeline': return this.homeTimelineChannelService;
diff --git a/packages/backend/src/server/api/stream/Connection.ts b/packages/backend/src/server/api/stream/Connection.ts
index 4180ccc56a..a89fbcc5e5 100644
--- a/packages/backend/src/server/api/stream/Connection.ts
+++ b/packages/backend/src/server/api/stream/Connection.ts
@@ -248,6 +248,11 @@ export default class Connection {
 			return;
 		}
 
+		if (this.token && ((channelService.kind && !this.token.permission.some(p => p === channelService.kind))
+			|| (!channelService.kind && channelService.requireCredential))) {
+			return;
+		}
+
 		// 共有可能チャンネルに接続しようとしていて、かつそのチャンネルに既に接続していたら無意味なので無視
 		if (channelService.shouldShare && this.channels.some(c => c.chName === channel)) {
 			return;
diff --git a/packages/backend/src/server/api/stream/channel.ts b/packages/backend/src/server/api/stream/channel.ts
index 46b0709773..80df3803eb 100644
--- a/packages/backend/src/server/api/stream/channel.ts
+++ b/packages/backend/src/server/api/stream/channel.ts
@@ -16,6 +16,7 @@ export default abstract class Channel {
 	public abstract readonly chName: string;
 	public static readonly shouldShare: boolean;
 	public static readonly requireCredential: boolean;
+	public static readonly kind?: string | null;
 
 	protected get user() {
 		return this.connection.user;
@@ -76,3 +77,10 @@ export default abstract class Channel {
 
 	public onMessage?(type: string, body: any): void;
 }
+
+export type MiChannelService<T extends boolean> = {
+	shouldShare: boolean;
+	requireCredential: T;
+	kind: T extends true ? string : string | null | undefined;
+	create: (id: string, connection: Connection) => Channel;
+}
diff --git a/packages/backend/src/server/api/stream/channels/admin.ts b/packages/backend/src/server/api/stream/channels/admin.ts
index bfb36d9cb8..b8f369ce84 100644
--- a/packages/backend/src/server/api/stream/channels/admin.ts
+++ b/packages/backend/src/server/api/stream/channels/admin.ts
@@ -5,12 +5,13 @@
 
 import { Injectable } from '@nestjs/common';
 import { bindThis } from '@/decorators.js';
-import Channel from '../channel.js';
+import Channel, { type MiChannelService } from '../channel.js';
 
 class AdminChannel extends Channel {
 	public readonly chName = 'admin';
 	public static shouldShare = true;
-	public static requireCredential = true;
+	public static requireCredential = true as const;
+	public static kind = 'read:admin:stream';
 
 	@bindThis
 	public async init(params: any) {
@@ -22,9 +23,10 @@ class AdminChannel extends Channel {
 }
 
 @Injectable()
-export class AdminChannelService {
+export class AdminChannelService implements MiChannelService<true> {
 	public readonly shouldShare = AdminChannel.shouldShare;
 	public readonly requireCredential = AdminChannel.requireCredential;
+	public readonly kind = AdminChannel.kind;
 
 	constructor(
 	) {
diff --git a/packages/backend/src/server/api/stream/channels/antenna.ts b/packages/backend/src/server/api/stream/channels/antenna.ts
index a48e6ba5c6..200db8eb0e 100644
--- a/packages/backend/src/server/api/stream/channels/antenna.ts
+++ b/packages/backend/src/server/api/stream/channels/antenna.ts
@@ -8,12 +8,13 @@ import { isUserRelated } from '@/misc/is-user-related.js';
 import { NoteEntityService } from '@/core/entities/NoteEntityService.js';
 import { bindThis } from '@/decorators.js';
 import type { GlobalEvents } from '@/core/GlobalEventService.js';
-import Channel from '../channel.js';
+import Channel, { type MiChannelService } from '../channel.js';
 
 class AntennaChannel extends Channel {
 	public readonly chName = 'antenna';
 	public static shouldShare = false;
-	public static requireCredential = false;
+	public static requireCredential = true as const;
+	public static kind = 'read:account';
 	private antennaId: string;
 
 	constructor(
@@ -62,9 +63,10 @@ class AntennaChannel extends Channel {
 }
 
 @Injectable()
-export class AntennaChannelService {
+export class AntennaChannelService implements MiChannelService<true> {
 	public readonly shouldShare = AntennaChannel.shouldShare;
 	public readonly requireCredential = AntennaChannel.requireCredential;
+	public readonly kind = AntennaChannel.kind;
 
 	constructor(
 		private noteEntityService: NoteEntityService,
diff --git a/packages/backend/src/server/api/stream/channels/channel.ts b/packages/backend/src/server/api/stream/channels/channel.ts
index 57034231a3..20275249b8 100644
--- a/packages/backend/src/server/api/stream/channels/channel.ts
+++ b/packages/backend/src/server/api/stream/channels/channel.ts
@@ -8,12 +8,12 @@ import { isUserRelated } from '@/misc/is-user-related.js';
 import type { Packed } from '@/misc/json-schema.js';
 import { NoteEntityService } from '@/core/entities/NoteEntityService.js';
 import { bindThis } from '@/decorators.js';
-import Channel from '../channel.js';
+import Channel, { type MiChannelService } from '../channel.js';
 
 class ChannelChannel extends Channel {
 	public readonly chName = 'channel';
 	public static shouldShare = false;
-	public static requireCredential = false;
+	public static requireCredential = false as const;
 	private channelId: string;
 
 	constructor(
@@ -65,9 +65,10 @@ class ChannelChannel extends Channel {
 }
 
 @Injectable()
-export class ChannelChannelService {
+export class ChannelChannelService implements MiChannelService<false> {
 	public readonly shouldShare = ChannelChannel.shouldShare;
 	public readonly requireCredential = ChannelChannel.requireCredential;
+	public readonly kind = ChannelChannel.kind;
 
 	constructor(
 		private noteEntityService: NoteEntityService,
diff --git a/packages/backend/src/server/api/stream/channels/drive.ts b/packages/backend/src/server/api/stream/channels/drive.ts
index 83f53c1836..4bf34a72c9 100644
--- a/packages/backend/src/server/api/stream/channels/drive.ts
+++ b/packages/backend/src/server/api/stream/channels/drive.ts
@@ -5,12 +5,13 @@
 
 import { Injectable } from '@nestjs/common';
 import { bindThis } from '@/decorators.js';
-import Channel from '../channel.js';
+import Channel, { type MiChannelService } from '../channel.js';
 
 class DriveChannel extends Channel {
 	public readonly chName = 'drive';
 	public static shouldShare = true;
-	public static requireCredential = true;
+	public static requireCredential = true as const;
+	public static kind = 'read:account';
 
 	@bindThis
 	public async init(params: any) {
@@ -22,9 +23,10 @@ class DriveChannel extends Channel {
 }
 
 @Injectable()
-export class DriveChannelService {
+export class DriveChannelService implements MiChannelService<true> {
 	public readonly shouldShare = DriveChannel.shouldShare;
 	public readonly requireCredential = DriveChannel.requireCredential;
+	public readonly kind = DriveChannel.kind;
 
 	constructor(
 	) {
diff --git a/packages/backend/src/server/api/stream/channels/global-timeline.ts b/packages/backend/src/server/api/stream/channels/global-timeline.ts
index 553c44071f..8df13da8a9 100644
--- a/packages/backend/src/server/api/stream/channels/global-timeline.ts
+++ b/packages/backend/src/server/api/stream/channels/global-timeline.ts
@@ -12,12 +12,12 @@ import { MetaService } from '@/core/MetaService.js';
 import { NoteEntityService } from '@/core/entities/NoteEntityService.js';
 import { bindThis } from '@/decorators.js';
 import { RoleService } from '@/core/RoleService.js';
-import Channel from '../channel.js';
+import Channel, { type MiChannelService } from '../channel.js';
 
 class GlobalTimelineChannel extends Channel {
 	public readonly chName = 'globalTimeline';
 	public static shouldShare = false;
-	public static requireCredential = false;
+	public static requireCredential = false as const;
 	private withRenotes: boolean;
 	private withFiles: boolean;
 
@@ -91,9 +91,10 @@ class GlobalTimelineChannel extends Channel {
 }
 
 @Injectable()
-export class GlobalTimelineChannelService {
+export class GlobalTimelineChannelService implements MiChannelService<false> {
 	public readonly shouldShare = GlobalTimelineChannel.shouldShare;
 	public readonly requireCredential = GlobalTimelineChannel.requireCredential;
+	public readonly kind = GlobalTimelineChannel.kind;
 
 	constructor(
 		private metaService: MetaService,
diff --git a/packages/backend/src/server/api/stream/channels/hashtag.ts b/packages/backend/src/server/api/stream/channels/hashtag.ts
index f30b29cfd6..3d4f2fc528 100644
--- a/packages/backend/src/server/api/stream/channels/hashtag.ts
+++ b/packages/backend/src/server/api/stream/channels/hashtag.ts
@@ -9,12 +9,12 @@ import { isUserRelated } from '@/misc/is-user-related.js';
 import type { Packed } from '@/misc/json-schema.js';
 import { NoteEntityService } from '@/core/entities/NoteEntityService.js';
 import { bindThis } from '@/decorators.js';
-import Channel from '../channel.js';
+import Channel, { type MiChannelService } from '../channel.js';
 
 class HashtagChannel extends Channel {
 	public readonly chName = 'hashtag';
 	public static shouldShare = false;
-	public static requireCredential = false;
+	public static requireCredential = false as const;
 	private q: string[][];
 
 	constructor(
@@ -70,9 +70,10 @@ class HashtagChannel extends Channel {
 }
 
 @Injectable()
-export class HashtagChannelService {
+export class HashtagChannelService implements MiChannelService<false> {
 	public readonly shouldShare = HashtagChannel.shouldShare;
 	public readonly requireCredential = HashtagChannel.requireCredential;
+	public readonly kind = HashtagChannel.kind;
 
 	constructor(
 		private noteEntityService: NoteEntityService,
diff --git a/packages/backend/src/server/api/stream/channels/home-timeline.ts b/packages/backend/src/server/api/stream/channels/home-timeline.ts
index 80054d0881..6c9f52ba70 100644
--- a/packages/backend/src/server/api/stream/channels/home-timeline.ts
+++ b/packages/backend/src/server/api/stream/channels/home-timeline.ts
@@ -10,12 +10,13 @@ import { isInstanceMuted } from '@/misc/is-instance-muted.js';
 import type { Packed } from '@/misc/json-schema.js';
 import { NoteEntityService } from '@/core/entities/NoteEntityService.js';
 import { bindThis } from '@/decorators.js';
-import Channel from '../channel.js';
+import Channel, { type MiChannelService } from '../channel.js';
 
 class HomeTimelineChannel extends Channel {
 	public readonly chName = 'homeTimeline';
 	public static shouldShare = false;
-	public static requireCredential = true;
+	public static requireCredential = true as const;
+	public static kind = 'read:account';
 	private withRenotes: boolean;
 	private withFiles: boolean;
 
@@ -99,9 +100,10 @@ class HomeTimelineChannel extends Channel {
 }
 
 @Injectable()
-export class HomeTimelineChannelService {
+export class HomeTimelineChannelService implements MiChannelService<true> {
 	public readonly shouldShare = HomeTimelineChannel.shouldShare;
 	public readonly requireCredential = HomeTimelineChannel.requireCredential;
+	public readonly kind = HomeTimelineChannel.kind;
 
 	constructor(
 		private noteEntityService: NoteEntityService,
diff --git a/packages/backend/src/server/api/stream/channels/hybrid-timeline.ts b/packages/backend/src/server/api/stream/channels/hybrid-timeline.ts
index 78645982bf..957d8b6d41 100644
--- a/packages/backend/src/server/api/stream/channels/hybrid-timeline.ts
+++ b/packages/backend/src/server/api/stream/channels/hybrid-timeline.ts
@@ -12,12 +12,13 @@ import { MetaService } from '@/core/MetaService.js';
 import { NoteEntityService } from '@/core/entities/NoteEntityService.js';
 import { bindThis } from '@/decorators.js';
 import { RoleService } from '@/core/RoleService.js';
-import Channel from '../channel.js';
+import Channel, { type MiChannelService } from '../channel.js';
 
 class HybridTimelineChannel extends Channel {
 	public readonly chName = 'hybridTimeline';
 	public static shouldShare = false;
-	public static requireCredential = true;
+	public static requireCredential = true as const;
+	public static kind = 'read:account';
 	private withRenotes: boolean;
 	private withReplies: boolean;
 	private withFiles: boolean;
@@ -114,9 +115,10 @@ class HybridTimelineChannel extends Channel {
 }
 
 @Injectable()
-export class HybridTimelineChannelService {
+export class HybridTimelineChannelService implements MiChannelService<true> {
 	public readonly shouldShare = HybridTimelineChannel.shouldShare;
 	public readonly requireCredential = HybridTimelineChannel.requireCredential;
+	public readonly kind = HybridTimelineChannel.kind;
 
 	constructor(
 		private metaService: MetaService,
diff --git a/packages/backend/src/server/api/stream/channels/local-timeline.ts b/packages/backend/src/server/api/stream/channels/local-timeline.ts
index 1388f186ff..888d268d56 100644
--- a/packages/backend/src/server/api/stream/channels/local-timeline.ts
+++ b/packages/backend/src/server/api/stream/channels/local-timeline.ts
@@ -11,12 +11,12 @@ import { MetaService } from '@/core/MetaService.js';
 import { NoteEntityService } from '@/core/entities/NoteEntityService.js';
 import { bindThis } from '@/decorators.js';
 import { RoleService } from '@/core/RoleService.js';
-import Channel from '../channel.js';
+import Channel, { type MiChannelService } from '../channel.js';
 
 class LocalTimelineChannel extends Channel {
 	public readonly chName = 'localTimeline';
 	public static shouldShare = false;
-	public static requireCredential = false;
+	public static requireCredential = false as const;
 	private withRenotes: boolean;
 	private withReplies: boolean;
 	private withFiles: boolean;
@@ -90,9 +90,10 @@ class LocalTimelineChannel extends Channel {
 }
 
 @Injectable()
-export class LocalTimelineChannelService {
+export class LocalTimelineChannelService implements MiChannelService<false> {
 	public readonly shouldShare = LocalTimelineChannel.shouldShare;
 	public readonly requireCredential = LocalTimelineChannel.requireCredential;
+	public readonly kind = LocalTimelineChannel.kind;
 
 	constructor(
 		private metaService: MetaService,
diff --git a/packages/backend/src/server/api/stream/channels/main.ts b/packages/backend/src/server/api/stream/channels/main.ts
index f969d02337..ab605e3ec5 100644
--- a/packages/backend/src/server/api/stream/channels/main.ts
+++ b/packages/backend/src/server/api/stream/channels/main.ts
@@ -7,12 +7,13 @@ import { Injectable } from '@nestjs/common';
 import { isInstanceMuted, isUserFromMutedInstance } from '@/misc/is-instance-muted.js';
 import { NoteEntityService } from '@/core/entities/NoteEntityService.js';
 import { bindThis } from '@/decorators.js';
-import Channel from '../channel.js';
+import Channel, { type MiChannelService } from '../channel.js';
 
 class MainChannel extends Channel {
 	public readonly chName = 'main';
 	public static shouldShare = true;
-	public static requireCredential = true;
+	public static requireCredential = true as const;
+	public static kind = 'read:account';
 
 	constructor(
 		private noteEntityService: NoteEntityService,
@@ -63,9 +64,10 @@ class MainChannel extends Channel {
 }
 
 @Injectable()
-export class MainChannelService {
+export class MainChannelService implements MiChannelService<true> {
 	public readonly shouldShare = MainChannel.shouldShare;
 	public readonly requireCredential = MainChannel.requireCredential;
+	public readonly kind = MainChannel.kind;
 
 	constructor(
 		private noteEntityService: NoteEntityService,
diff --git a/packages/backend/src/server/api/stream/channels/queue-stats.ts b/packages/backend/src/server/api/stream/channels/queue-stats.ts
index f0dc472303..5ceb2c3bbc 100644
--- a/packages/backend/src/server/api/stream/channels/queue-stats.ts
+++ b/packages/backend/src/server/api/stream/channels/queue-stats.ts
@@ -6,14 +6,14 @@
 import Xev from 'xev';
 import { Injectable } from '@nestjs/common';
 import { bindThis } from '@/decorators.js';
-import Channel from '../channel.js';
+import Channel, { type MiChannelService } from '../channel.js';
 
 const ev = new Xev();
 
 class QueueStatsChannel extends Channel {
 	public readonly chName = 'queueStats';
 	public static shouldShare = true;
-	public static requireCredential = false;
+	public static requireCredential = false as const;
 
 	constructor(id: string, connection: Channel['connection']) {
 		super(id, connection);
@@ -53,9 +53,10 @@ class QueueStatsChannel extends Channel {
 }
 
 @Injectable()
-export class QueueStatsChannelService {
+export class QueueStatsChannelService implements MiChannelService<false> {
 	public readonly shouldShare = QueueStatsChannel.shouldShare;
 	public readonly requireCredential = QueueStatsChannel.requireCredential;
+	public readonly kind = QueueStatsChannel.kind;
 
 	constructor(
 	) {
diff --git a/packages/backend/src/server/api/stream/channels/role-timeline.ts b/packages/backend/src/server/api/stream/channels/role-timeline.ts
index 38d3604cc5..b3bbb77dbf 100644
--- a/packages/backend/src/server/api/stream/channels/role-timeline.ts
+++ b/packages/backend/src/server/api/stream/channels/role-timeline.ts
@@ -10,12 +10,12 @@ import { NoteEntityService } from '@/core/entities/NoteEntityService.js';
 import { bindThis } from '@/decorators.js';
 import { RoleService } from '@/core/RoleService.js';
 import type { GlobalEvents } from '@/core/GlobalEventService.js';
-import Channel from '../channel.js';
+import Channel, { type MiChannelService } from '../channel.js';
 
 class RoleTimelineChannel extends Channel {
 	public readonly chName = 'roleTimeline';
 	public static shouldShare = false;
-	public static requireCredential = false;
+	public static requireCredential = false as const;
 	private roleId: string;
 
 	constructor(
@@ -67,9 +67,10 @@ class RoleTimelineChannel extends Channel {
 }
 
 @Injectable()
-export class RoleTimelineChannelService {
+export class RoleTimelineChannelService implements MiChannelService<false> {
 	public readonly shouldShare = RoleTimelineChannel.shouldShare;
 	public readonly requireCredential = RoleTimelineChannel.requireCredential;
+	public readonly kind = RoleTimelineChannel.kind;
 
 	constructor(
 		private noteEntityService: NoteEntityService,
diff --git a/packages/backend/src/server/api/stream/channels/server-stats.ts b/packages/backend/src/server/api/stream/channels/server-stats.ts
index cacae275a8..615b6946cc 100644
--- a/packages/backend/src/server/api/stream/channels/server-stats.ts
+++ b/packages/backend/src/server/api/stream/channels/server-stats.ts
@@ -6,14 +6,14 @@
 import Xev from 'xev';
 import { Injectable } from '@nestjs/common';
 import { bindThis } from '@/decorators.js';
-import Channel from '../channel.js';
+import Channel, { type MiChannelService } from '../channel.js';
 
 const ev = new Xev();
 
 class ServerStatsChannel extends Channel {
 	public readonly chName = 'serverStats';
 	public static shouldShare = true;
-	public static requireCredential = false;
+	public static requireCredential = false as const;
 
 	constructor(id: string, connection: Channel['connection']) {
 		super(id, connection);
@@ -53,9 +53,10 @@ class ServerStatsChannel extends Channel {
 }
 
 @Injectable()
-export class ServerStatsChannelService {
+export class ServerStatsChannelService implements MiChannelService<false> {
 	public readonly shouldShare = ServerStatsChannel.shouldShare;
 	public readonly requireCredential = ServerStatsChannel.requireCredential;
+	public readonly kind = ServerStatsChannel.kind;
 
 	constructor(
 	) {
diff --git a/packages/backend/src/server/api/stream/channels/user-list.ts b/packages/backend/src/server/api/stream/channels/user-list.ts
index fe293e2b4d..909b5a5e03 100644
--- a/packages/backend/src/server/api/stream/channels/user-list.ts
+++ b/packages/backend/src/server/api/stream/channels/user-list.ts
@@ -11,12 +11,12 @@ import { NoteEntityService } from '@/core/entities/NoteEntityService.js';
 import { DI } from '@/di-symbols.js';
 import { bindThis } from '@/decorators.js';
 import { isInstanceMuted } from '@/misc/is-instance-muted.js';
-import Channel from '../channel.js';
+import Channel, { type MiChannelService } from '../channel.js';
 
 class UserListChannel extends Channel {
 	public readonly chName = 'userList';
 	public static shouldShare = false;
-	public static requireCredential = false;
+	public static requireCredential = false as const;
 	private listId: string;
 	private membershipsMap: Record<string, Pick<MiUserListMembership, 'withReplies'> | undefined> = {};
 	private listUsersClock: NodeJS.Timeout;
@@ -137,9 +137,10 @@ class UserListChannel extends Channel {
 }
 
 @Injectable()
-export class UserListChannelService {
+export class UserListChannelService implements MiChannelService<false> {
 	public readonly shouldShare = UserListChannel.shouldShare;
 	public readonly requireCredential = UserListChannel.requireCredential;
+	public readonly kind = UserListChannel.kind;
 
 	constructor(
 		@Inject(DI.userListsRepository)
diff --git a/packages/backend/src/server/oauth/OAuth2ProviderService.ts b/packages/backend/src/server/oauth/OAuth2ProviderService.ts
index 4fa7b800e8..5c18f452ce 100644
--- a/packages/backend/src/server/oauth/OAuth2ProviderService.ts
+++ b/packages/backend/src/server/oauth/OAuth2ProviderService.ts
@@ -17,9 +17,9 @@ import bodyParser from 'body-parser';
 import fastifyExpress from '@fastify/express';
 import { verifyChallenge } from 'pkce-challenge';
 import { mf2 } from 'microformats-parser';
+import { permissions as kinds } from 'misskey-js';
 import { secureRndstr } from '@/misc/secure-rndstr.js';
 import { HttpRequestService } from '@/core/HttpRequestService.js';
-import { kinds } from '@/misc/api-permissions.js';
 import type { Config } from '@/config.js';
 import { DI } from '@/di-symbols.js';
 import { bindThis } from '@/decorators.js';
@@ -426,7 +426,7 @@ export class OAuth2ProviderService {
 				}
 
 				try {
-					const scopes = [...new Set(scope)].filter(s => kinds.includes(s));
+					const scopes = [...new Set(scope)].filter(s => (<readonly string[]>kinds).includes(s));
 					if (!scopes.length) {
 						throw new AuthorizationError('`scope` parameter has no known scope', 'invalid_scope');
 					}
diff --git a/packages/backend/test/e2e/api.ts b/packages/backend/test/e2e/api.ts
index 15da74931d..cf24228b83 100644
--- a/packages/backend/test/e2e/api.ts
+++ b/packages/backend/test/e2e/api.ts
@@ -7,7 +7,7 @@ process.env.NODE_ENV = 'test';
 
 import * as assert from 'assert';
 import { IncomingMessage } from 'http';
-import { signup, api, startServer, successfulApiCall, failedApiCall, uploadFile, waitFire, connectStream, relativeFetch } from '../utils.js';
+import { signup, api, startServer, successfulApiCall, failedApiCall, uploadFile, waitFire, connectStream, relativeFetch, createAppToken } from '../utils.js';
 import type { INestApplicationContext } from '@nestjs/common';
 import type * as misskey from 'misskey-js';
 
@@ -89,6 +89,11 @@ describe('API', () => {
 	});
 
 	test('管理者専用のAPIのアクセス制限', async () => {
+		const application = await createAppToken(alice, ['read:account']);
+		const application2 = await createAppToken(alice, ['read:admin:index-stats']);
+		const application3 = await createAppToken(bob, []);
+		const application4 = await createAppToken(bob, ['read:admin:index-stats']);
+
 		// aliceは管理者、APIを使える
 		await successfulApiCall({
 			endpoint: '/admin/get-index-stats',
@@ -128,6 +133,42 @@ describe('API', () => {
 			code: 'AUTHENTICATION_FAILED',
 			id: 'b0a7f5f8-dc2f-4171-b91f-de88ad238e14',
 		});
+
+		await successfulApiCall({
+			endpoint: '/admin/get-index-stats',
+			parameters: {},
+			user: { token: application2 },
+		});
+
+		await failedApiCall({
+			endpoint: '/admin/get-index-stats',
+			parameters: {},
+			user: { token: application },
+		}, {
+			status: 403,
+			code: 'PERMISSION_DENIED',
+			id: '1370e5b7-d4eb-4566-bb1d-7748ee6a1838',
+		});
+
+		await failedApiCall({
+			endpoint: '/admin/get-index-stats',
+			parameters: {},
+			user: { token: application3 },
+		}, {
+			status: 403,
+			code: 'ROLE_PERMISSION_DENIED',
+			id: 'c3d38592-54c0-429d-be96-5636b0431a61',
+		});
+
+		await failedApiCall({
+			endpoint: '/admin/get-index-stats',
+			parameters: {},
+			user: { token: application4 },
+		}, {
+			status: 403,
+			code: 'ROLE_PERMISSION_DENIED',
+			id: 'c3d38592-54c0-429d-be96-5636b0431a61',
+		});
 	});
 
 	describe('Authentication header', () => {
diff --git a/packages/backend/test/e2e/streaming.ts b/packages/backend/test/e2e/streaming.ts
index c4824f50ce..288c54bdbc 100644
--- a/packages/backend/test/e2e/streaming.ts
+++ b/packages/backend/test/e2e/streaming.ts
@@ -6,8 +6,9 @@
 process.env.NODE_ENV = 'test';
 
 import * as assert from 'assert';
+import { WebSocket } from 'ws';
 import { MiFollowing } from '@/models/Following.js';
-import { signup, api, post, startServer, initTestDb, waitFire } from '../utils.js';
+import { signup, api, post, startServer, initTestDb, waitFire, createAppToken, port } from '../utils.js';
 import type { INestApplicationContext } from '@nestjs/common';
 import type * as misskey from 'misskey-js';
 
@@ -560,6 +561,28 @@ describe('Streaming', () => {
 			});
 		});
 
+		test('Authentication', async () => {
+			const application = await createAppToken(ayano, []);
+			const application2 = await createAppToken(ayano, ['read:account']);
+			const socket = new WebSocket(`ws://127.0.0.1:${port}/streaming?i=${application}`);
+			const established = await new Promise<boolean>((resolve, reject) => {
+				socket.on('error', () => resolve(false));
+				socket.on('unexpected-response', () => resolve(false));
+				setTimeout(() => resolve(true), 3000);
+			});
+
+			socket.close();
+			assert.strictEqual(established, false);
+
+			const fired = await waitFire(
+				{ token: application2 }, 'hybridTimeline',
+				() => api('notes/create', { text: 'Hello, world!' }, ayano),
+				msg => msg.type === 'note' && msg.body.userId === ayano.id,
+			);
+
+			assert.strictEqual(fired, true);
+		});
+
 		// XXX: QueryFailedError: duplicate key value violates unique constraint "IDX_347fec870eafea7b26c8a73bac"
 		/*
 		describe('Hashtag Timeline', () => {
diff --git a/packages/backend/test/utils.ts b/packages/backend/test/utils.ts
index 97118d73c0..db7629d2c4 100644
--- a/packages/backend/test/utils.ts
+++ b/packages/backend/test/utils.ts
@@ -6,6 +6,7 @@
 import * as assert from 'node:assert';
 import { readFile } from 'node:fs/promises';
 import { isAbsolute, basename } from 'node:path';
+import { randomUUID } from 'node:crypto';
 import { inspect } from 'node:util';
 import WebSocket, { ClientOptions } from 'ws';
 import fetch, { File, RequestInit } from 'node-fetch';
@@ -126,6 +127,15 @@ export const post = async (user: UserToken, params?: misskey.Endpoints['notes/cr
 	return res.body ? res.body.createdNote : null;
 };
 
+export const createAppToken = async (user: UserToken, permissions: (typeof misskey.permissions)[number][]) => {
+	const res = await api('miauth/gen-token', {
+		session: randomUUID(),
+		permission: permissions,
+	}, user);
+
+	return (res.body as misskey.entities.MiauthGenTokenResponse).token;
+};
+
 // 非公開ノートをAPI越しに見たときのノート NoteEntityService.ts
 export const hiddenNote = (note: any): any => {
 	const temp = {
diff --git a/packages/frontend/src/components/MkTokenGenerateWindow.vue b/packages/frontend/src/components/MkTokenGenerateWindow.vue
index f5fa86a908..8e8e26ed5f 100644
--- a/packages/frontend/src/components/MkTokenGenerateWindow.vue
+++ b/packages/frontend/src/components/MkTokenGenerateWindow.vue
@@ -33,7 +33,7 @@ SPDX-License-Identifier: AGPL-3.0-only
 				<MkButton inline @click="enableAll">{{ i18n.ts.enableAll }}</MkButton>
 			</div>
 			<div class="_gaps_s">
-				<MkSwitch v-for="kind in (initialPermissions || Misskey.permissions)" :key="kind" v-model="permissions[kind]">{{ i18n.t(`_permissions.${kind}`) }}</MkSwitch>
+				<MkSwitch v-for="kind in Object.keys(permissions)" :key="kind" v-model="permissions[kind]">{{ i18n.t(`_permissions.${kind}`) }}</MkSwitch>
 			</div>
 		</div>
 	</MkSpacer>
@@ -54,7 +54,7 @@ const props = withDefaults(defineProps<{
 	title?: string | null;
 	information?: string | null;
 	initialName?: string | null;
-	initialPermissions?: string[] | null;
+	initialPermissions?: (typeof Misskey.permissions)[number][] | null;
 }>(), {
 	title: null,
 	information: null,
@@ -67,16 +67,17 @@ const emit = defineEmits<{
 	(ev: 'done', result: { name: string | null, permissions: string[] }): void;
 }>();
 
+const defaultPermissions = Misskey.permissions.filter(p => !p.startsWith('read:admin') && !p.startsWith('write:admin'));
 const dialog = shallowRef<InstanceType<typeof MkModalWindow>>();
 const name = ref(props.initialName);
-const permissions = ref({});
+const permissions = ref(<Record<(typeof Misskey.permissions)[number], boolean>>{});
 
 if (props.initialPermissions) {
 	for (const kind of props.initialPermissions) {
 		permissions.value[kind] = true;
 	}
 } else {
-	for (const kind of Misskey.permissions) {
+	for (const kind of defaultPermissions) {
 		permissions.value[kind] = false;
 	}
 }
diff --git a/packages/misskey-js/src/autogen/apiClientJSDoc.ts b/packages/misskey-js/src/autogen/apiClientJSDoc.ts
index 7f4094845a..758beaf3a0 100644
--- a/packages/misskey-js/src/autogen/apiClientJSDoc.ts
+++ b/packages/misskey-js/src/autogen/apiClientJSDoc.ts
@@ -1,6 +1,6 @@
 /*
  * version: 2023.12.0
- * generatedAt: 2023-12-25T03:48:32.008Z
+ * generatedAt: 2023-12-26T23:35:09.494Z
  */
 
 import type { SwitchCaseResponseType } from '../api.js';
@@ -11,7 +11,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *read:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:meta*
      */
     request<E extends 'admin/meta', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -22,7 +22,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *read:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:abuse-user-reports*
      */
     request<E extends 'admin/abuse-user-reports', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -33,7 +33,8 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *No* / **Permission**: *write:admin*
+     * **Internal Endpoint**: This endpoint is an API for the misskey mainframe and is not intended for use by third parties.
+     * **Credential required**: *No*
      */
     request<E extends 'admin/accounts/create', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -44,7 +45,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:account*
      */
     request<E extends 'admin/accounts/delete', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -55,7 +56,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *read:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:account*
      */
     request<E extends 'admin/accounts/find-by-email', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -66,7 +67,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:ad*
      */
     request<E extends 'admin/ad/create', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -77,7 +78,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:ad*
      */
     request<E extends 'admin/ad/delete', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -88,7 +89,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *read:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:ad*
      */
     request<E extends 'admin/ad/list', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -99,7 +100,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:ad*
      */
     request<E extends 'admin/ad/update', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -110,7 +111,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:announcements*
      */
     request<E extends 'admin/announcements/create', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -121,7 +122,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:announcements*
      */
     request<E extends 'admin/announcements/delete', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -132,7 +133,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *read:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:announcements*
      */
     request<E extends 'admin/announcements/list', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -143,7 +144,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:announcements*
      */
     request<E extends 'admin/announcements/update', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -154,7 +155,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:avatar-decorations*
      */
     request<E extends 'admin/avatar-decorations/create', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -165,7 +166,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:avatar-decorations*
      */
     request<E extends 'admin/avatar-decorations/delete', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -176,7 +177,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *read:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:avatar-decorations*
      */
     request<E extends 'admin/avatar-decorations/list', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -187,7 +188,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:avatar-decorations*
      */
     request<E extends 'admin/avatar-decorations/update', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -198,7 +199,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:delete-all-files-of-a-user*
      */
     request<E extends 'admin/delete-all-files-of-a-user', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -209,7 +210,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:unset-user-avatar*
      */
     request<E extends 'admin/unset-user-avatar', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -220,7 +221,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:unset-user-banner*
      */
     request<E extends 'admin/unset-user-banner', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -231,7 +232,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:drive*
      */
     request<E extends 'admin/drive/clean-remote-files', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -242,7 +243,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:drive*
      */
     request<E extends 'admin/drive/cleanup', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -253,7 +254,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *read:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:drive*
      */
     request<E extends 'admin/drive/files', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -264,7 +265,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *read:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:drive*
      */
     request<E extends 'admin/drive/show-file', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -275,7 +276,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:emoji*
      */
     request<E extends 'admin/emoji/add-aliases-bulk', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -286,7 +287,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:emoji*
      */
     request<E extends 'admin/emoji/add', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -297,7 +298,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:emoji*
      */
     request<E extends 'admin/emoji/copy', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -308,7 +309,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:emoji*
      */
     request<E extends 'admin/emoji/delete-bulk', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -319,7 +320,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:emoji*
      */
     request<E extends 'admin/emoji/delete', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -330,7 +331,8 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Internal Endpoint**: This endpoint is an API for the misskey mainframe and is not intended for use by third parties.
+     * **Credential required**: *Yes*
      */
     request<E extends 'admin/emoji/import-zip', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -341,7 +343,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *read:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:emoji*
      */
     request<E extends 'admin/emoji/list-remote', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -352,7 +354,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *read:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:emoji*
      */
     request<E extends 'admin/emoji/list', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -363,7 +365,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:emoji*
      */
     request<E extends 'admin/emoji/remove-aliases-bulk', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -374,7 +376,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:emoji*
      */
     request<E extends 'admin/emoji/set-aliases-bulk', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -385,7 +387,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:emoji*
      */
     request<E extends 'admin/emoji/set-category-bulk', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -396,7 +398,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:emoji*
      */
     request<E extends 'admin/emoji/set-license-bulk', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -407,7 +409,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *read:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:emoji*
      */
     request<E extends 'admin/emoji/update', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -418,7 +420,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:federation*
      */
     request<E extends 'admin/federation/delete-all-files', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -429,7 +431,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:federation*
      */
     request<E extends 'admin/federation/refresh-remote-instance-metadata', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -440,7 +442,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:federation*
      */
     request<E extends 'admin/federation/remove-all-following', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -451,7 +453,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:federation*
      */
     request<E extends 'admin/federation/update-instance', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -462,7 +464,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *read:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:index-stats*
      */
     request<E extends 'admin/get-index-stats', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -473,7 +475,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *read:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:table-stats*
      */
     request<E extends 'admin/get-table-stats', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -484,7 +486,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *read:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:user-ips*
      */
     request<E extends 'admin/get-user-ips', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -495,7 +497,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:invite-codes*
      */
     request<E extends 'admin/invite/create', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -506,7 +508,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:invite-codes*
      */
     request<E extends 'admin/invite/list', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -517,7 +519,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:promo*
      */
     request<E extends 'admin/promo/create', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -528,7 +530,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:queue*
      */
     request<E extends 'admin/queue/clear', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -539,7 +541,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:queue*
      */
     request<E extends 'admin/queue/deliver-delayed', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -550,7 +552,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:queue*
      */
     request<E extends 'admin/queue/inbox-delayed', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -561,7 +563,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:queue*
      */
     request<E extends 'admin/queue/promote', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -572,7 +574,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *read:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:emoji*
      */
     request<E extends 'admin/queue/stats', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -583,7 +585,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:relays*
      */
     request<E extends 'admin/relays/add', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -594,7 +596,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *read:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:relays*
      */
     request<E extends 'admin/relays/list', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -605,7 +607,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:relays*
      */
     request<E extends 'admin/relays/remove', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -616,7 +618,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:reset-password*
      */
     request<E extends 'admin/reset-password', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -627,7 +629,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:resolve-abuse-user-report*
      */
     request<E extends 'admin/resolve-abuse-user-report', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -638,7 +640,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:send-email*
      */
     request<E extends 'admin/send-email', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -649,7 +651,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *read:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:server-info*
      */
     request<E extends 'admin/server-info', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -660,7 +662,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *read:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:show-moderation-log*
      */
     request<E extends 'admin/show-moderation-logs', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -671,7 +673,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *read:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:show-user*
      */
     request<E extends 'admin/show-user', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -682,7 +684,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *read:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:show-users*
      */
     request<E extends 'admin/show-users', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -693,7 +695,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:suspend-user*
      */
     request<E extends 'admin/suspend-user', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -704,7 +706,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:unsuspend-user*
      */
     request<E extends 'admin/unsuspend-user', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -715,7 +717,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:meta*
      */
     request<E extends 'admin/update-meta', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -726,7 +728,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:delete-account*
      */
     request<E extends 'admin/delete-account', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -737,7 +739,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:user-note*
      */
     request<E extends 'admin/update-user-note', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -748,7 +750,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:roles*
      */
     request<E extends 'admin/roles/create', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -759,7 +761,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:roles*
      */
     request<E extends 'admin/roles/delete', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -770,7 +772,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *read:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:roles*
      */
     request<E extends 'admin/roles/list', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -781,7 +783,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *read:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:roles*
      */
     request<E extends 'admin/roles/show', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -792,7 +794,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:roles*
      */
     request<E extends 'admin/roles/update', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -803,7 +805,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:roles*
      */
     request<E extends 'admin/roles/assign', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -814,7 +816,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:roles*
      */
     request<E extends 'admin/roles/unassign', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -825,7 +827,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:roles*
      */
     request<E extends 'admin/roles/update-default-policies', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -836,7 +838,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *No* / **Permission**: *read:admin*
+     * **Credential required**: *No* / **Permission**: *read:admin:roles*
      */
     request<E extends 'admin/roles/users', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -924,7 +926,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *read:federation*
      */
     request<E extends 'ap/get', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -935,7 +937,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *read:account*
      */
     request<E extends 'ap/show', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -1729,7 +1731,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes*
+     * **Credential required**: *No*
      */
     request<E extends 'federation/update-remote-user', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -2037,7 +2039,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *read:account*
      */
     request<E extends 'i', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -2168,7 +2170,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *write:account*
      */
     request<E extends 'i/claim-achievement', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -2469,7 +2471,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *read:account*
      */
     request<E extends 'i/registry/get-all', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -2480,7 +2482,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *read:account*
      */
     request<E extends 'i/registry/get-detail', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -2491,7 +2493,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *read:account*
      */
     request<E extends 'i/registry/get', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -2502,7 +2504,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *read:account*
      */
     request<E extends 'i/registry/keys-with-type', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -2513,7 +2515,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *read:account*
      */
     request<E extends 'i/registry/keys', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -2524,7 +2526,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *write:account*
      */
     request<E extends 'i/registry/remove', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -2547,7 +2549,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *write:account*
      */
     request<E extends 'i/registry/set', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -2683,7 +2685,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *write:invite-codes*
      */
     request<E extends 'invite/create', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -2694,7 +2696,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *write:invite-codes*
      */
     request<E extends 'invite/delete', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -2705,7 +2707,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *read:invite-codes*
      */
     request<E extends 'invite/list', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -2716,7 +2718,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *read:invite-codes*
      */
     request<E extends 'invite/limit', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -2838,7 +2840,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *read:account*
      */
     request<E extends 'my/apps', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -2959,7 +2961,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *read:account*
      */
     request<E extends 'notes/hybrid-timeline', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -2981,7 +2983,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *read:account*
      */
     request<E extends 'notes/mentions', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -2992,7 +2994,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *read:account*
      */
     request<E extends 'notes/polls/recommendation', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -3102,7 +3104,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *read:account*
      */
     request<E extends 'notes/state', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -3135,7 +3137,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *read:account*
      */
     request<E extends 'notes/timeline', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -3146,7 +3148,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *read:account*
      */
     request<E extends 'notes/translate', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -3168,7 +3170,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *read:account*
      */
     request<E extends 'notes/user-list-timeline', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -3422,7 +3424,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *write:account*
      */
     request<E extends 'promo/read', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -3433,7 +3435,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *read:account*
      */
     request<E extends 'roles/list', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -3466,7 +3468,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *read:account*
      */
     request<E extends 'roles/notes', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -3532,6 +3534,7 @@ declare module '../api.js' {
     /**
      * Check push notification registration exists.
      * 
+     * **Internal Endpoint**: This endpoint is an API for the misskey mainframe and is not intended for use by third parties.
      * **Credential required**: *Yes*
      */
     request<E extends 'sw/show-registration', P extends Endpoints[E]['req']>(
@@ -3543,6 +3546,7 @@ declare module '../api.js' {
     /**
      * Update push notification registration.
      * 
+     * **Internal Endpoint**: This endpoint is an API for the misskey mainframe and is not intended for use by third parties.
      * **Credential required**: *Yes*
      */
     request<E extends 'sw/update-registration', P extends Endpoints[E]['req']>(
@@ -3554,6 +3558,7 @@ declare module '../api.js' {
     /**
      * Register to receive push notifications.
      * 
+     * **Internal Endpoint**: This endpoint is an API for the misskey mainframe and is not intended for use by third parties.
      * **Credential required**: *Yes*
      */
     request<E extends 'sw/register', P extends Endpoints[E]['req']>(
@@ -3741,7 +3746,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *write:account*
      */
     request<E extends 'users/lists/favorite', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -3752,7 +3757,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *write:account*
      */
     request<E extends 'users/lists/unfavorite', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -3774,7 +3779,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *write:account*
      */
     request<E extends 'users/lists/create-from-public', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -3862,7 +3867,7 @@ declare module '../api.js' {
     /**
      * Show the different kinds of relations between the authenticated user and the specified user(s).
      * 
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *read:account*
      */
     request<E extends 'users/relation', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -3873,7 +3878,7 @@ declare module '../api.js' {
     /**
      * File a report.
      * 
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *write:report-abuse*
      */
     request<E extends 'users/report-abuse', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -3917,7 +3922,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
-     * **Credential required**: *Yes*
+     * **Credential required**: *No*
      */
     request<E extends 'users/achievements', P extends Endpoints[E]['req']>(
       endpoint: E,
@@ -3950,6 +3955,7 @@ declare module '../api.js' {
     /**
      * No description provided.
      * 
+     * **Internal Endpoint**: This endpoint is an API for the misskey mainframe and is not intended for use by third parties.
      * **Credential required**: *Yes*
      */
     request<E extends 'fetch-external-resources', P extends Endpoints[E]['req']>(
diff --git a/packages/misskey-js/src/autogen/endpoint.ts b/packages/misskey-js/src/autogen/endpoint.ts
index 5e05759047..2ed76a22f9 100644
--- a/packages/misskey-js/src/autogen/endpoint.ts
+++ b/packages/misskey-js/src/autogen/endpoint.ts
@@ -1,6 +1,6 @@
 /*
  * version: 2023.12.0
- * generatedAt: 2023-12-25T03:48:32.001Z
+ * generatedAt: 2023-12-26T23:35:09.491Z
  */
 
 import type {
diff --git a/packages/misskey-js/src/autogen/entities.ts b/packages/misskey-js/src/autogen/entities.ts
index ceb2f242ac..c857e8e370 100644
--- a/packages/misskey-js/src/autogen/entities.ts
+++ b/packages/misskey-js/src/autogen/entities.ts
@@ -1,6 +1,6 @@
 /*
  * version: 2023.12.0
- * generatedAt: 2023-12-25T03:48:31.996Z
+ * generatedAt: 2023-12-26T23:35:09.489Z
  */
 
 import { operations } from './types.js';
diff --git a/packages/misskey-js/src/autogen/models.ts b/packages/misskey-js/src/autogen/models.ts
index a7fde6c1a3..c5b81a6b41 100644
--- a/packages/misskey-js/src/autogen/models.ts
+++ b/packages/misskey-js/src/autogen/models.ts
@@ -1,6 +1,6 @@
 /*
  * version: 2023.12.0
- * generatedAt: 2023-12-25T03:48:31.993Z
+ * generatedAt: 2023-12-26T23:35:09.485Z
  */
 
 import { components } from './types.js';
diff --git a/packages/misskey-js/src/autogen/types.ts b/packages/misskey-js/src/autogen/types.ts
index 28fe5654e6..94bb263980 100644
--- a/packages/misskey-js/src/autogen/types.ts
+++ b/packages/misskey-js/src/autogen/types.ts
@@ -3,7 +3,7 @@
 
 /*
  * version: 2023.12.0
- * generatedAt: 2023-12-25T03:48:31.850Z
+ * generatedAt: 2023-12-26T23:35:09.389Z
  */
 
 /**
@@ -22,7 +22,7 @@ export type paths = {
      * admin/meta
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *read:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:meta*
      */
     post: operations['admin/meta'];
   };
@@ -31,7 +31,7 @@ export type paths = {
      * admin/abuse-user-reports
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *read:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:abuse-user-reports*
      */
     post: operations['admin/abuse-user-reports'];
   };
@@ -40,7 +40,8 @@ export type paths = {
      * admin/accounts/create
      * @description No description provided.
      *
-     * **Credential required**: *No* / **Permission**: *write:admin*
+     * **Internal Endpoint**: This endpoint is an API for the misskey mainframe and is not intended for use by third parties.
+     * **Credential required**: *No*
      */
     post: operations['admin/accounts/create'];
   };
@@ -49,7 +50,7 @@ export type paths = {
      * admin/accounts/delete
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:account*
      */
     post: operations['admin/accounts/delete'];
   };
@@ -58,7 +59,7 @@ export type paths = {
      * admin/accounts/find-by-email
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *read:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:account*
      */
     post: operations['admin/accounts/find-by-email'];
   };
@@ -67,7 +68,7 @@ export type paths = {
      * admin/ad/create
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:ad*
      */
     post: operations['admin/ad/create'];
   };
@@ -76,7 +77,7 @@ export type paths = {
      * admin/ad/delete
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:ad*
      */
     post: operations['admin/ad/delete'];
   };
@@ -85,7 +86,7 @@ export type paths = {
      * admin/ad/list
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *read:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:ad*
      */
     post: operations['admin/ad/list'];
   };
@@ -94,7 +95,7 @@ export type paths = {
      * admin/ad/update
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:ad*
      */
     post: operations['admin/ad/update'];
   };
@@ -103,7 +104,7 @@ export type paths = {
      * admin/announcements/create
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:announcements*
      */
     post: operations['admin/announcements/create'];
   };
@@ -112,7 +113,7 @@ export type paths = {
      * admin/announcements/delete
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:announcements*
      */
     post: operations['admin/announcements/delete'];
   };
@@ -121,7 +122,7 @@ export type paths = {
      * admin/announcements/list
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *read:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:announcements*
      */
     post: operations['admin/announcements/list'];
   };
@@ -130,7 +131,7 @@ export type paths = {
      * admin/announcements/update
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:announcements*
      */
     post: operations['admin/announcements/update'];
   };
@@ -139,7 +140,7 @@ export type paths = {
      * admin/avatar-decorations/create
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:avatar-decorations*
      */
     post: operations['admin/avatar-decorations/create'];
   };
@@ -148,7 +149,7 @@ export type paths = {
      * admin/avatar-decorations/delete
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:avatar-decorations*
      */
     post: operations['admin/avatar-decorations/delete'];
   };
@@ -157,7 +158,7 @@ export type paths = {
      * admin/avatar-decorations/list
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *read:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:avatar-decorations*
      */
     post: operations['admin/avatar-decorations/list'];
   };
@@ -166,7 +167,7 @@ export type paths = {
      * admin/avatar-decorations/update
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:avatar-decorations*
      */
     post: operations['admin/avatar-decorations/update'];
   };
@@ -175,7 +176,7 @@ export type paths = {
      * admin/delete-all-files-of-a-user
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:delete-all-files-of-a-user*
      */
     post: operations['admin/delete-all-files-of-a-user'];
   };
@@ -184,7 +185,7 @@ export type paths = {
      * admin/unset-user-avatar
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:unset-user-avatar*
      */
     post: operations['admin/unset-user-avatar'];
   };
@@ -193,7 +194,7 @@ export type paths = {
      * admin/unset-user-banner
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:unset-user-banner*
      */
     post: operations['admin/unset-user-banner'];
   };
@@ -202,7 +203,7 @@ export type paths = {
      * admin/drive/clean-remote-files
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:drive*
      */
     post: operations['admin/drive/clean-remote-files'];
   };
@@ -211,7 +212,7 @@ export type paths = {
      * admin/drive/cleanup
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:drive*
      */
     post: operations['admin/drive/cleanup'];
   };
@@ -220,7 +221,7 @@ export type paths = {
      * admin/drive/files
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *read:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:drive*
      */
     post: operations['admin/drive/files'];
   };
@@ -229,7 +230,7 @@ export type paths = {
      * admin/drive/show-file
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *read:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:drive*
      */
     post: operations['admin/drive/show-file'];
   };
@@ -238,7 +239,7 @@ export type paths = {
      * admin/emoji/add-aliases-bulk
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:emoji*
      */
     post: operations['admin/emoji/add-aliases-bulk'];
   };
@@ -247,7 +248,7 @@ export type paths = {
      * admin/emoji/add
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:emoji*
      */
     post: operations['admin/emoji/add'];
   };
@@ -256,7 +257,7 @@ export type paths = {
      * admin/emoji/copy
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:emoji*
      */
     post: operations['admin/emoji/copy'];
   };
@@ -265,7 +266,7 @@ export type paths = {
      * admin/emoji/delete-bulk
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:emoji*
      */
     post: operations['admin/emoji/delete-bulk'];
   };
@@ -274,7 +275,7 @@ export type paths = {
      * admin/emoji/delete
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:emoji*
      */
     post: operations['admin/emoji/delete'];
   };
@@ -283,7 +284,8 @@ export type paths = {
      * admin/emoji/import-zip
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Internal Endpoint**: This endpoint is an API for the misskey mainframe and is not intended for use by third parties.
+     * **Credential required**: *Yes*
      */
     post: operations['admin/emoji/import-zip'];
   };
@@ -292,7 +294,7 @@ export type paths = {
      * admin/emoji/list-remote
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *read:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:emoji*
      */
     post: operations['admin/emoji/list-remote'];
   };
@@ -301,7 +303,7 @@ export type paths = {
      * admin/emoji/list
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *read:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:emoji*
      */
     post: operations['admin/emoji/list'];
   };
@@ -310,7 +312,7 @@ export type paths = {
      * admin/emoji/remove-aliases-bulk
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:emoji*
      */
     post: operations['admin/emoji/remove-aliases-bulk'];
   };
@@ -319,7 +321,7 @@ export type paths = {
      * admin/emoji/set-aliases-bulk
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:emoji*
      */
     post: operations['admin/emoji/set-aliases-bulk'];
   };
@@ -328,7 +330,7 @@ export type paths = {
      * admin/emoji/set-category-bulk
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:emoji*
      */
     post: operations['admin/emoji/set-category-bulk'];
   };
@@ -337,7 +339,7 @@ export type paths = {
      * admin/emoji/set-license-bulk
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:emoji*
      */
     post: operations['admin/emoji/set-license-bulk'];
   };
@@ -346,7 +348,7 @@ export type paths = {
      * admin/emoji/update
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *read:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:emoji*
      */
     post: operations['admin/emoji/update'];
   };
@@ -355,7 +357,7 @@ export type paths = {
      * admin/federation/delete-all-files
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:federation*
      */
     post: operations['admin/federation/delete-all-files'];
   };
@@ -364,7 +366,7 @@ export type paths = {
      * admin/federation/refresh-remote-instance-metadata
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:federation*
      */
     post: operations['admin/federation/refresh-remote-instance-metadata'];
   };
@@ -373,7 +375,7 @@ export type paths = {
      * admin/federation/remove-all-following
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:federation*
      */
     post: operations['admin/federation/remove-all-following'];
   };
@@ -382,7 +384,7 @@ export type paths = {
      * admin/federation/update-instance
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:federation*
      */
     post: operations['admin/federation/update-instance'];
   };
@@ -391,7 +393,7 @@ export type paths = {
      * admin/get-index-stats
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *read:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:index-stats*
      */
     post: operations['admin/get-index-stats'];
   };
@@ -400,7 +402,7 @@ export type paths = {
      * admin/get-table-stats
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *read:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:table-stats*
      */
     post: operations['admin/get-table-stats'];
   };
@@ -409,7 +411,7 @@ export type paths = {
      * admin/get-user-ips
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *read:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:user-ips*
      */
     post: operations['admin/get-user-ips'];
   };
@@ -418,7 +420,7 @@ export type paths = {
      * admin/invite/create
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:invite-codes*
      */
     post: operations['admin/invite/create'];
   };
@@ -427,7 +429,7 @@ export type paths = {
      * admin/invite/list
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:invite-codes*
      */
     post: operations['admin/invite/list'];
   };
@@ -436,7 +438,7 @@ export type paths = {
      * admin/promo/create
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:promo*
      */
     post: operations['admin/promo/create'];
   };
@@ -445,7 +447,7 @@ export type paths = {
      * admin/queue/clear
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:queue*
      */
     post: operations['admin/queue/clear'];
   };
@@ -454,7 +456,7 @@ export type paths = {
      * admin/queue/deliver-delayed
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:queue*
      */
     post: operations['admin/queue/deliver-delayed'];
   };
@@ -463,7 +465,7 @@ export type paths = {
      * admin/queue/inbox-delayed
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:queue*
      */
     post: operations['admin/queue/inbox-delayed'];
   };
@@ -472,7 +474,7 @@ export type paths = {
      * admin/queue/promote
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:queue*
      */
     post: operations['admin/queue/promote'];
   };
@@ -481,7 +483,7 @@ export type paths = {
      * admin/queue/stats
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *read:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:emoji*
      */
     post: operations['admin/queue/stats'];
   };
@@ -490,7 +492,7 @@ export type paths = {
      * admin/relays/add
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:relays*
      */
     post: operations['admin/relays/add'];
   };
@@ -499,7 +501,7 @@ export type paths = {
      * admin/relays/list
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *read:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:relays*
      */
     post: operations['admin/relays/list'];
   };
@@ -508,7 +510,7 @@ export type paths = {
      * admin/relays/remove
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:relays*
      */
     post: operations['admin/relays/remove'];
   };
@@ -517,7 +519,7 @@ export type paths = {
      * admin/reset-password
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:reset-password*
      */
     post: operations['admin/reset-password'];
   };
@@ -526,7 +528,7 @@ export type paths = {
      * admin/resolve-abuse-user-report
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:resolve-abuse-user-report*
      */
     post: operations['admin/resolve-abuse-user-report'];
   };
@@ -535,7 +537,7 @@ export type paths = {
      * admin/send-email
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:send-email*
      */
     post: operations['admin/send-email'];
   };
@@ -544,7 +546,7 @@ export type paths = {
      * admin/server-info
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *read:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:server-info*
      */
     post: operations['admin/server-info'];
   };
@@ -553,7 +555,7 @@ export type paths = {
      * admin/show-moderation-logs
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *read:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:show-moderation-log*
      */
     post: operations['admin/show-moderation-logs'];
   };
@@ -562,7 +564,7 @@ export type paths = {
      * admin/show-user
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *read:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:show-user*
      */
     post: operations['admin/show-user'];
   };
@@ -571,7 +573,7 @@ export type paths = {
      * admin/show-users
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *read:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:show-users*
      */
     post: operations['admin/show-users'];
   };
@@ -580,7 +582,7 @@ export type paths = {
      * admin/suspend-user
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:suspend-user*
      */
     post: operations['admin/suspend-user'];
   };
@@ -589,7 +591,7 @@ export type paths = {
      * admin/unsuspend-user
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:unsuspend-user*
      */
     post: operations['admin/unsuspend-user'];
   };
@@ -598,7 +600,7 @@ export type paths = {
      * admin/update-meta
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:meta*
      */
     post: operations['admin/update-meta'];
   };
@@ -607,7 +609,7 @@ export type paths = {
      * admin/delete-account
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:delete-account*
      */
     post: operations['admin/delete-account'];
   };
@@ -616,7 +618,7 @@ export type paths = {
      * admin/update-user-note
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:user-note*
      */
     post: operations['admin/update-user-note'];
   };
@@ -625,7 +627,7 @@ export type paths = {
      * admin/roles/create
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:roles*
      */
     post: operations['admin/roles/create'];
   };
@@ -634,7 +636,7 @@ export type paths = {
      * admin/roles/delete
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:roles*
      */
     post: operations['admin/roles/delete'];
   };
@@ -643,7 +645,7 @@ export type paths = {
      * admin/roles/list
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *read:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:roles*
      */
     post: operations['admin/roles/list'];
   };
@@ -652,7 +654,7 @@ export type paths = {
      * admin/roles/show
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *read:admin*
+     * **Credential required**: *Yes* / **Permission**: *read:admin:roles*
      */
     post: operations['admin/roles/show'];
   };
@@ -661,7 +663,7 @@ export type paths = {
      * admin/roles/update
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:roles*
      */
     post: operations['admin/roles/update'];
   };
@@ -670,7 +672,7 @@ export type paths = {
      * admin/roles/assign
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:roles*
      */
     post: operations['admin/roles/assign'];
   };
@@ -679,7 +681,7 @@ export type paths = {
      * admin/roles/unassign
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:roles*
      */
     post: operations['admin/roles/unassign'];
   };
@@ -688,7 +690,7 @@ export type paths = {
      * admin/roles/update-default-policies
      * @description No description provided.
      *
-     * **Credential required**: *Yes* / **Permission**: *write:admin*
+     * **Credential required**: *Yes* / **Permission**: *write:admin:roles*
      */
     post: operations['admin/roles/update-default-policies'];
   };
@@ -697,7 +699,7 @@ export type paths = {
      * admin/roles/users
      * @description No description provided.
      *
-     * **Credential required**: *No* / **Permission**: *read:admin*
+     * **Credential required**: *No* / **Permission**: *read:admin:roles*
      */
     post: operations['admin/roles/users'];
   };
@@ -769,7 +771,7 @@ export type paths = {
      * ap/get
      * @description No description provided.
      *
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *read:federation*
      */
     post: operations['ap/get'];
   };
@@ -778,7 +780,7 @@ export type paths = {
      * ap/show
      * @description No description provided.
      *
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *read:account*
      */
     post: operations['ap/show'];
   };
@@ -1519,7 +1521,7 @@ export type paths = {
      * federation/update-remote-user
      * @description No description provided.
      *
-     * **Credential required**: *Yes*
+     * **Credential required**: *No*
      */
     post: operations['federation/update-remote-user'];
   };
@@ -1792,7 +1794,7 @@ export type paths = {
      * i
      * @description No description provided.
      *
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *read:account*
      */
     post: operations['i'];
   };
@@ -1901,7 +1903,7 @@ export type paths = {
      * i/claim-achievement
      * @description No description provided.
      *
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *write:account*
      */
     post: operations['i/claim-achievement'];
   };
@@ -2150,7 +2152,7 @@ export type paths = {
      * i/registry/get-all
      * @description No description provided.
      *
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *read:account*
      */
     post: operations['i/registry/get-all'];
   };
@@ -2159,7 +2161,7 @@ export type paths = {
      * i/registry/get-detail
      * @description No description provided.
      *
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *read:account*
      */
     post: operations['i/registry/get-detail'];
   };
@@ -2168,7 +2170,7 @@ export type paths = {
      * i/registry/get
      * @description No description provided.
      *
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *read:account*
      */
     post: operations['i/registry/get'];
   };
@@ -2177,7 +2179,7 @@ export type paths = {
      * i/registry/keys-with-type
      * @description No description provided.
      *
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *read:account*
      */
     post: operations['i/registry/keys-with-type'];
   };
@@ -2186,7 +2188,7 @@ export type paths = {
      * i/registry/keys
      * @description No description provided.
      *
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *read:account*
      */
     post: operations['i/registry/keys'];
   };
@@ -2195,7 +2197,7 @@ export type paths = {
      * i/registry/remove
      * @description No description provided.
      *
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *write:account*
      */
     post: operations['i/registry/remove'];
   };
@@ -2214,7 +2216,7 @@ export type paths = {
      * i/registry/set
      * @description No description provided.
      *
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *write:account*
      */
     post: operations['i/registry/set'];
   };
@@ -2326,7 +2328,7 @@ export type paths = {
      * invite/create
      * @description No description provided.
      *
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *write:invite-codes*
      */
     post: operations['invite/create'];
   };
@@ -2335,7 +2337,7 @@ export type paths = {
      * invite/delete
      * @description No description provided.
      *
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *write:invite-codes*
      */
     post: operations['invite/delete'];
   };
@@ -2344,7 +2346,7 @@ export type paths = {
      * invite/list
      * @description No description provided.
      *
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *read:invite-codes*
      */
     post: operations['invite/list'];
   };
@@ -2353,7 +2355,7 @@ export type paths = {
      * invite/limit
      * @description No description provided.
      *
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *read:invite-codes*
      */
     post: operations['invite/limit'];
   };
@@ -2467,7 +2469,7 @@ export type paths = {
      * my/apps
      * @description No description provided.
      *
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *read:account*
      */
     post: operations['my/apps'];
   };
@@ -2573,7 +2575,7 @@ export type paths = {
      * notes/hybrid-timeline
      * @description No description provided.
      *
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *read:account*
      */
     post: operations['notes/hybrid-timeline'];
   };
@@ -2591,7 +2593,7 @@ export type paths = {
      * notes/mentions
      * @description No description provided.
      *
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *read:account*
      */
     post: operations['notes/mentions'];
   };
@@ -2600,7 +2602,7 @@ export type paths = {
      * notes/polls/recommendation
      * @description No description provided.
      *
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *read:account*
      */
     post: operations['notes/polls/recommendation'];
   };
@@ -2697,7 +2699,7 @@ export type paths = {
      * notes/state
      * @description No description provided.
      *
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *read:account*
      */
     post: operations['notes/state'];
   };
@@ -2724,7 +2726,7 @@ export type paths = {
      * notes/timeline
      * @description No description provided.
      *
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *read:account*
      */
     post: operations['notes/timeline'];
   };
@@ -2733,7 +2735,7 @@ export type paths = {
      * notes/translate
      * @description No description provided.
      *
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *read:account*
      */
     post: operations['notes/translate'];
   };
@@ -2751,7 +2753,7 @@ export type paths = {
      * notes/user-list-timeline
      * @description No description provided.
      *
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *read:account*
      */
     post: operations['notes/user-list-timeline'];
   };
@@ -2959,7 +2961,7 @@ export type paths = {
      * promo/read
      * @description No description provided.
      *
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *write:account*
      */
     post: operations['promo/read'];
   };
@@ -2968,7 +2970,7 @@ export type paths = {
      * roles/list
      * @description No description provided.
      *
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *read:account*
      */
     post: operations['roles/list'];
   };
@@ -2995,7 +2997,7 @@ export type paths = {
      * roles/notes
      * @description No description provided.
      *
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *read:account*
      */
     post: operations['roles/notes'];
   };
@@ -3056,6 +3058,7 @@ export type paths = {
      * sw/show-registration
      * @description Check push notification registration exists.
      *
+     * **Internal Endpoint**: This endpoint is an API for the misskey mainframe and is not intended for use by third parties.
      * **Credential required**: *Yes*
      */
     post: operations['sw/show-registration'];
@@ -3065,6 +3068,7 @@ export type paths = {
      * sw/update-registration
      * @description Update push notification registration.
      *
+     * **Internal Endpoint**: This endpoint is an API for the misskey mainframe and is not intended for use by third parties.
      * **Credential required**: *Yes*
      */
     post: operations['sw/update-registration'];
@@ -3074,6 +3078,7 @@ export type paths = {
      * sw/register
      * @description Register to receive push notifications.
      *
+     * **Internal Endpoint**: This endpoint is an API for the misskey mainframe and is not intended for use by third parties.
      * **Credential required**: *Yes*
      */
     post: operations['sw/register'];
@@ -3234,7 +3239,7 @@ export type paths = {
      * users/lists/favorite
      * @description No description provided.
      *
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *write:account*
      */
     post: operations['users/lists/favorite'];
   };
@@ -3243,7 +3248,7 @@ export type paths = {
      * users/lists/unfavorite
      * @description No description provided.
      *
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *write:account*
      */
     post: operations['users/lists/unfavorite'];
   };
@@ -3261,7 +3266,7 @@ export type paths = {
      * users/lists/create-from-public
      * @description No description provided.
      *
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *write:account*
      */
     post: operations['users/lists/create-from-public'];
   };
@@ -3333,7 +3338,7 @@ export type paths = {
      * users/relation
      * @description Show the different kinds of relations between the authenticated user and the specified user(s).
      *
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *read:account*
      */
     post: operations['users/relation'];
   };
@@ -3342,7 +3347,7 @@ export type paths = {
      * users/report-abuse
      * @description File a report.
      *
-     * **Credential required**: *Yes*
+     * **Credential required**: *Yes* / **Permission**: *write:report-abuse*
      */
     post: operations['users/report-abuse'];
   };
@@ -3378,7 +3383,7 @@ export type paths = {
      * users/achievements
      * @description No description provided.
      *
-     * **Credential required**: *Yes*
+     * **Credential required**: *No*
      */
     post: operations['users/achievements'];
   };
@@ -3412,6 +3417,7 @@ export type paths = {
      * fetch-external-resources
      * @description No description provided.
      *
+     * **Internal Endpoint**: This endpoint is an API for the misskey mainframe and is not intended for use by third parties.
      * **Credential required**: *Yes*
      */
     post: operations['fetch-external-resources'];
@@ -4381,7 +4387,7 @@ export type operations = {
    * admin/meta
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *read:admin*
+   * **Credential required**: *Yes* / **Permission**: *read:admin:meta*
    */
   'admin/meta': {
     responses: {
@@ -4522,7 +4528,7 @@ export type operations = {
    * admin/abuse-user-reports
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *read:admin*
+   * **Credential required**: *Yes* / **Permission**: *read:admin:abuse-user-reports*
    */
   'admin/abuse-user-reports': {
     requestBody: {
@@ -4614,7 +4620,8 @@ export type operations = {
    * admin/accounts/create
    * @description No description provided.
    *
-   * **Credential required**: *No* / **Permission**: *write:admin*
+   * **Internal Endpoint**: This endpoint is an API for the misskey mainframe and is not intended for use by third parties.
+   * **Credential required**: *No*
    */
   'admin/accounts/create': {
     requestBody: {
@@ -4668,7 +4675,7 @@ export type operations = {
    * admin/accounts/delete
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:account*
    */
   'admin/accounts/delete': {
     requestBody: {
@@ -4720,7 +4727,7 @@ export type operations = {
    * admin/accounts/find-by-email
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *read:admin*
+   * **Credential required**: *Yes* / **Permission**: *read:admin:account*
    */
   'admin/accounts/find-by-email': {
     requestBody: {
@@ -4773,7 +4780,7 @@ export type operations = {
    * admin/ad/create
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:ad*
    */
   'admin/ad/create': {
     requestBody: {
@@ -4834,7 +4841,7 @@ export type operations = {
    * admin/ad/delete
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:ad*
    */
   'admin/ad/delete': {
     requestBody: {
@@ -4886,7 +4893,7 @@ export type operations = {
    * admin/ad/list
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *read:admin*
+   * **Credential required**: *Yes* / **Permission**: *read:admin:ad*
    */
   'admin/ad/list': {
     requestBody: {
@@ -4946,7 +4953,7 @@ export type operations = {
    * admin/ad/update
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:ad*
    */
   'admin/ad/update': {
     requestBody: {
@@ -5007,7 +5014,7 @@ export type operations = {
    * admin/announcements/create
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:announcements*
    */
   'admin/announcements/create': {
     requestBody: {
@@ -5096,7 +5103,7 @@ export type operations = {
    * admin/announcements/delete
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:announcements*
    */
   'admin/announcements/delete': {
     requestBody: {
@@ -5148,7 +5155,7 @@ export type operations = {
    * admin/announcements/list
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *read:admin*
+   * **Credential required**: *Yes* / **Permission**: *read:admin:announcements*
    */
   'admin/announcements/list': {
     requestBody: {
@@ -5222,7 +5229,7 @@ export type operations = {
    * admin/announcements/update
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:announcements*
    */
   'admin/announcements/update': {
     requestBody: {
@@ -5285,7 +5292,7 @@ export type operations = {
    * admin/avatar-decorations/create
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:avatar-decorations*
    */
   'admin/avatar-decorations/create': {
     requestBody: {
@@ -5339,7 +5346,7 @@ export type operations = {
    * admin/avatar-decorations/delete
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:avatar-decorations*
    */
   'admin/avatar-decorations/delete': {
     requestBody: {
@@ -5391,7 +5398,7 @@ export type operations = {
    * admin/avatar-decorations/list
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *read:admin*
+   * **Credential required**: *Yes* / **Permission**: *read:admin:avatar-decorations*
    */
   'admin/avatar-decorations/list': {
     requestBody: {
@@ -5465,7 +5472,7 @@ export type operations = {
    * admin/avatar-decorations/update
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:avatar-decorations*
    */
   'admin/avatar-decorations/update': {
     requestBody: {
@@ -5521,7 +5528,7 @@ export type operations = {
    * admin/delete-all-files-of-a-user
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:delete-all-files-of-a-user*
    */
   'admin/delete-all-files-of-a-user': {
     requestBody: {
@@ -5573,7 +5580,7 @@ export type operations = {
    * admin/unset-user-avatar
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:unset-user-avatar*
    */
   'admin/unset-user-avatar': {
     requestBody: {
@@ -5625,7 +5632,7 @@ export type operations = {
    * admin/unset-user-banner
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:unset-user-banner*
    */
   'admin/unset-user-banner': {
     requestBody: {
@@ -5677,7 +5684,7 @@ export type operations = {
    * admin/drive/clean-remote-files
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:drive*
    */
   'admin/drive/clean-remote-files': {
     responses: {
@@ -5721,7 +5728,7 @@ export type operations = {
    * admin/drive/cleanup
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:drive*
    */
   'admin/drive/cleanup': {
     responses: {
@@ -5765,7 +5772,7 @@ export type operations = {
    * admin/drive/files
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *read:admin*
+   * **Credential required**: *Yes* / **Permission**: *read:admin:drive*
    */
   'admin/drive/files': {
     requestBody: {
@@ -5836,7 +5843,7 @@ export type operations = {
    * admin/drive/show-file
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *read:admin*
+   * **Credential required**: *Yes* / **Permission**: *read:admin:drive*
    */
   'admin/drive/show-file': {
     requestBody: {
@@ -5940,7 +5947,7 @@ export type operations = {
    * admin/emoji/add-aliases-bulk
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:emoji*
    */
   'admin/emoji/add-aliases-bulk': {
     requestBody: {
@@ -5992,7 +5999,7 @@ export type operations = {
    * admin/emoji/add
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:emoji*
    */
   'admin/emoji/add': {
     requestBody: {
@@ -6052,7 +6059,7 @@ export type operations = {
    * admin/emoji/copy
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:emoji*
    */
   'admin/emoji/copy': {
     requestBody: {
@@ -6109,7 +6116,7 @@ export type operations = {
    * admin/emoji/delete-bulk
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:emoji*
    */
   'admin/emoji/delete-bulk': {
     requestBody: {
@@ -6160,7 +6167,7 @@ export type operations = {
    * admin/emoji/delete
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:emoji*
    */
   'admin/emoji/delete': {
     requestBody: {
@@ -6212,7 +6219,8 @@ export type operations = {
    * admin/emoji/import-zip
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Internal Endpoint**: This endpoint is an API for the misskey mainframe and is not intended for use by third parties.
+   * **Credential required**: *Yes*
    */
   'admin/emoji/import-zip': {
     requestBody: {
@@ -6264,7 +6272,7 @@ export type operations = {
    * admin/emoji/list-remote
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *read:admin*
+   * **Credential required**: *Yes* / **Permission**: *read:admin:emoji*
    */
   'admin/emoji/list-remote': {
     requestBody: {
@@ -6338,7 +6346,7 @@ export type operations = {
    * admin/emoji/list
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *read:admin*
+   * **Credential required**: *Yes* / **Permission**: *read:admin:emoji*
    */
   'admin/emoji/list': {
     requestBody: {
@@ -6407,7 +6415,7 @@ export type operations = {
    * admin/emoji/remove-aliases-bulk
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:emoji*
    */
   'admin/emoji/remove-aliases-bulk': {
     requestBody: {
@@ -6459,7 +6467,7 @@ export type operations = {
    * admin/emoji/set-aliases-bulk
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:emoji*
    */
   'admin/emoji/set-aliases-bulk': {
     requestBody: {
@@ -6511,7 +6519,7 @@ export type operations = {
    * admin/emoji/set-category-bulk
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:emoji*
    */
   'admin/emoji/set-category-bulk': {
     requestBody: {
@@ -6564,7 +6572,7 @@ export type operations = {
    * admin/emoji/set-license-bulk
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:emoji*
    */
   'admin/emoji/set-license-bulk': {
     requestBody: {
@@ -6617,7 +6625,7 @@ export type operations = {
    * admin/emoji/update
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *read:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:emoji*
    */
   'admin/emoji/update': {
     requestBody: {
@@ -6679,7 +6687,7 @@ export type operations = {
    * admin/federation/delete-all-files
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:federation*
    */
   'admin/federation/delete-all-files': {
     requestBody: {
@@ -6730,7 +6738,7 @@ export type operations = {
    * admin/federation/refresh-remote-instance-metadata
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:federation*
    */
   'admin/federation/refresh-remote-instance-metadata': {
     requestBody: {
@@ -6781,7 +6789,7 @@ export type operations = {
    * admin/federation/remove-all-following
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:federation*
    */
   'admin/federation/remove-all-following': {
     requestBody: {
@@ -6832,7 +6840,7 @@ export type operations = {
    * admin/federation/update-instance
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:federation*
    */
   'admin/federation/update-instance': {
     requestBody: {
@@ -6884,7 +6892,7 @@ export type operations = {
    * admin/get-index-stats
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *read:admin*
+   * **Credential required**: *Yes* / **Permission**: *read:admin:index-stats*
    */
   'admin/get-index-stats': {
     responses: {
@@ -6933,7 +6941,7 @@ export type operations = {
    * admin/get-table-stats
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *read:admin*
+   * **Credential required**: *Yes* / **Permission**: *read:admin:table-stats*
    */
   'admin/get-table-stats': {
     responses: {
@@ -6979,7 +6987,7 @@ export type operations = {
    * admin/get-user-ips
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *read:admin*
+   * **Credential required**: *Yes* / **Permission**: *read:admin:user-ips*
    */
   'admin/get-user-ips': {
     requestBody: {
@@ -7037,7 +7045,7 @@ export type operations = {
    * admin/invite/create
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:invite-codes*
    */
   'admin/invite/create': {
     requestBody: {
@@ -7092,7 +7100,7 @@ export type operations = {
    * admin/invite/list
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *read:admin:invite-codes*
    */
   'admin/invite/list': {
     requestBody: {
@@ -7155,7 +7163,7 @@ export type operations = {
    * admin/promo/create
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:promo*
    */
   'admin/promo/create': {
     requestBody: {
@@ -7208,7 +7216,7 @@ export type operations = {
    * admin/queue/clear
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:queue*
    */
   'admin/queue/clear': {
     responses: {
@@ -7252,7 +7260,7 @@ export type operations = {
    * admin/queue/deliver-delayed
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *read:admin:queue*
    */
   'admin/queue/deliver-delayed': {
     responses: {
@@ -7298,7 +7306,7 @@ export type operations = {
    * admin/queue/inbox-delayed
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *read:admin:queue*
    */
   'admin/queue/inbox-delayed': {
     responses: {
@@ -7344,7 +7352,7 @@ export type operations = {
    * admin/queue/promote
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:queue*
    */
   'admin/queue/promote': {
     requestBody: {
@@ -7396,7 +7404,7 @@ export type operations = {
    * admin/queue/stats
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *read:admin*
+   * **Credential required**: *Yes* / **Permission**: *read:admin:emoji*
    */
   'admin/queue/stats': {
     responses: {
@@ -7447,7 +7455,7 @@ export type operations = {
    * admin/relays/add
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:relays*
    */
   'admin/relays/add': {
     requestBody: {
@@ -7510,7 +7518,7 @@ export type operations = {
    * admin/relays/list
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *read:admin*
+   * **Credential required**: *Yes* / **Permission**: *read:admin:relays*
    */
   'admin/relays/list': {
     responses: {
@@ -7566,7 +7574,7 @@ export type operations = {
    * admin/relays/remove
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:relays*
    */
   'admin/relays/remove': {
     requestBody: {
@@ -7617,7 +7625,7 @@ export type operations = {
    * admin/reset-password
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:reset-password*
    */
   'admin/reset-password': {
     requestBody: {
@@ -7673,7 +7681,7 @@ export type operations = {
    * admin/resolve-abuse-user-report
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:resolve-abuse-user-report*
    */
   'admin/resolve-abuse-user-report': {
     requestBody: {
@@ -7727,7 +7735,7 @@ export type operations = {
    * admin/send-email
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:send-email*
    */
   'admin/send-email': {
     requestBody: {
@@ -7780,7 +7788,7 @@ export type operations = {
    * admin/server-info
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *read:admin*
+   * **Credential required**: *Yes* / **Permission**: *read:admin:server-info*
    */
   'admin/server-info': {
     responses: {
@@ -7850,7 +7858,7 @@ export type operations = {
    * admin/show-moderation-logs
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *read:admin*
+   * **Credential required**: *Yes* / **Permission**: *read:admin:show-moderation-log*
    */
   'admin/show-moderation-logs': {
     requestBody: {
@@ -7921,7 +7929,7 @@ export type operations = {
    * admin/show-user
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *read:admin*
+   * **Credential required**: *Yes* / **Permission**: *read:admin:show-user*
    */
   'admin/show-user': {
     requestBody: {
@@ -7975,7 +7983,7 @@ export type operations = {
    * admin/show-users
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *read:admin*
+   * **Credential required**: *Yes* / **Permission**: *read:admin:show-users*
    */
   'admin/show-users': {
     requestBody: {
@@ -8050,7 +8058,7 @@ export type operations = {
    * admin/suspend-user
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:suspend-user*
    */
   'admin/suspend-user': {
     requestBody: {
@@ -8102,7 +8110,7 @@ export type operations = {
    * admin/unsuspend-user
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:unsuspend-user*
    */
   'admin/unsuspend-user': {
     requestBody: {
@@ -8154,7 +8162,7 @@ export type operations = {
    * admin/update-meta
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:meta*
    */
   'admin/update-meta': {
     requestBody: {
@@ -8299,7 +8307,7 @@ export type operations = {
    * admin/delete-account
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:delete-account*
    */
   'admin/delete-account': {
     requestBody: {
@@ -8353,7 +8361,7 @@ export type operations = {
    * admin/update-user-note
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:user-note*
    */
   'admin/update-user-note': {
     requestBody: {
@@ -8406,7 +8414,7 @@ export type operations = {
    * admin/roles/create
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:roles*
    */
   'admin/roles/create': {
     requestBody: {
@@ -8474,7 +8482,7 @@ export type operations = {
    * admin/roles/delete
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:roles*
    */
   'admin/roles/delete': {
     requestBody: {
@@ -8526,7 +8534,7 @@ export type operations = {
    * admin/roles/list
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *read:admin*
+   * **Credential required**: *Yes* / **Permission**: *read:admin:roles*
    */
   'admin/roles/list': {
     responses: {
@@ -8572,7 +8580,7 @@ export type operations = {
    * admin/roles/show
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *read:admin*
+   * **Credential required**: *Yes* / **Permission**: *read:admin:roles*
    */
   'admin/roles/show': {
     requestBody: {
@@ -8626,7 +8634,7 @@ export type operations = {
    * admin/roles/update
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:roles*
    */
   'admin/roles/update': {
     requestBody: {
@@ -8693,7 +8701,7 @@ export type operations = {
    * admin/roles/assign
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:roles*
    */
   'admin/roles/assign': {
     requestBody: {
@@ -8748,7 +8756,7 @@ export type operations = {
    * admin/roles/unassign
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:roles*
    */
   'admin/roles/unassign': {
     requestBody: {
@@ -8802,7 +8810,7 @@ export type operations = {
    * admin/roles/update-default-policies
    * @description No description provided.
    *
-   * **Credential required**: *Yes* / **Permission**: *write:admin*
+   * **Credential required**: *Yes* / **Permission**: *write:admin:roles*
    */
   'admin/roles/update-default-policies': {
     requestBody: {
@@ -8853,7 +8861,7 @@ export type operations = {
    * admin/roles/users
    * @description No description provided.
    *
-   * **Credential required**: *No* / **Permission**: *read:admin*
+   * **Credential required**: *No* / **Permission**: *read:admin:roles*
    */
   'admin/roles/users': {
     requestBody: {
@@ -9327,7 +9335,7 @@ export type operations = {
    * ap/get
    * @description No description provided.
    *
-   * **Credential required**: *Yes*
+   * **Credential required**: *Yes* / **Permission**: *read:federation*
    */
   'ap/get': {
     requestBody: {
@@ -9386,7 +9394,7 @@ export type operations = {
    * ap/show
    * @description No description provided.
    *
-   * **Credential required**: *Yes*
+   * **Credential required**: *Yes* / **Permission**: *read:account*
    */
   'ap/show': {
     requestBody: {
@@ -13615,7 +13623,7 @@ export type operations = {
    * federation/update-remote-user
    * @description No description provided.
    *
-   * **Credential required**: *Yes*
+   * **Credential required**: *No*
    */
   'federation/update-remote-user': {
     requestBody: {
@@ -15200,7 +15208,7 @@ export type operations = {
    * i
    * @description No description provided.
    *
-   * **Credential required**: *Yes*
+   * **Credential required**: *Yes* / **Permission**: *read:account*
    */
   i: {
     responses: {
@@ -15853,7 +15861,7 @@ export type operations = {
    * i/claim-achievement
    * @description No description provided.
    *
-   * **Credential required**: *Yes*
+   * **Credential required**: *Yes* / **Permission**: *write:account*
    */
   'i/claim-achievement': {
     requestBody: {
@@ -17311,7 +17319,7 @@ export type operations = {
    * i/registry/get-all
    * @description No description provided.
    *
-   * **Credential required**: *Yes*
+   * **Credential required**: *Yes* / **Permission**: *read:account*
    */
   'i/registry/get-all': {
     requestBody: {
@@ -17366,7 +17374,7 @@ export type operations = {
    * i/registry/get-detail
    * @description No description provided.
    *
-   * **Credential required**: *Yes*
+   * **Credential required**: *Yes* / **Permission**: *read:account*
    */
   'i/registry/get-detail': {
     requestBody: {
@@ -17422,7 +17430,7 @@ export type operations = {
    * i/registry/get
    * @description No description provided.
    *
-   * **Credential required**: *Yes*
+   * **Credential required**: *Yes* / **Permission**: *read:account*
    */
   'i/registry/get': {
     requestBody: {
@@ -17478,7 +17486,7 @@ export type operations = {
    * i/registry/keys-with-type
    * @description No description provided.
    *
-   * **Credential required**: *Yes*
+   * **Credential required**: *Yes* / **Permission**: *read:account*
    */
   'i/registry/keys-with-type': {
     requestBody: {
@@ -17533,7 +17541,7 @@ export type operations = {
    * i/registry/keys
    * @description No description provided.
    *
-   * **Credential required**: *Yes*
+   * **Credential required**: *Yes* / **Permission**: *read:account*
    */
   'i/registry/keys': {
     requestBody: {
@@ -17586,7 +17594,7 @@ export type operations = {
    * i/registry/remove
    * @description No description provided.
    *
-   * **Credential required**: *Yes*
+   * **Credential required**: *Yes* / **Permission**: *write:account*
    */
   'i/registry/remove': {
     requestBody: {
@@ -17690,7 +17698,7 @@ export type operations = {
    * i/registry/set
    * @description No description provided.
    *
-   * **Credential required**: *Yes*
+   * **Credential required**: *Yes* / **Permission**: *write:account*
    */
   'i/registry/set': {
     requestBody: {
@@ -18446,7 +18454,7 @@ export type operations = {
    * invite/create
    * @description No description provided.
    *
-   * **Credential required**: *Yes*
+   * **Credential required**: *Yes* / **Permission**: *write:invite-codes*
    */
   'invite/create': {
     responses: {
@@ -18492,7 +18500,7 @@ export type operations = {
    * invite/delete
    * @description No description provided.
    *
-   * **Credential required**: *Yes*
+   * **Credential required**: *Yes* / **Permission**: *write:invite-codes*
    */
   'invite/delete': {
     requestBody: {
@@ -18544,7 +18552,7 @@ export type operations = {
    * invite/list
    * @description No description provided.
    *
-   * **Credential required**: *Yes*
+   * **Credential required**: *Yes* / **Permission**: *read:invite-codes*
    */
   'invite/list': {
     requestBody: {
@@ -18602,7 +18610,7 @@ export type operations = {
    * invite/limit
    * @description No description provided.
    *
-   * **Credential required**: *Yes*
+   * **Credential required**: *Yes* / **Permission**: *read:invite-codes*
    */
   'invite/limit': {
     responses: {
@@ -19282,7 +19290,7 @@ export type operations = {
    * my/apps
    * @description No description provided.
    *
-   * **Credential required**: *Yes*
+   * **Credential required**: *Yes* / **Permission**: *read:account*
    */
   'my/apps': {
     requestBody: {
@@ -19959,7 +19967,7 @@ export type operations = {
    * notes/hybrid-timeline
    * @description No description provided.
    *
-   * **Credential required**: *Yes*
+   * **Credential required**: *Yes* / **Permission**: *read:account*
    */
   'notes/hybrid-timeline': {
     requestBody: {
@@ -20101,7 +20109,7 @@ export type operations = {
    * notes/mentions
    * @description No description provided.
    *
-   * **Credential required**: *Yes*
+   * **Credential required**: *Yes* / **Permission**: *read:account*
    */
   'notes/mentions': {
     requestBody: {
@@ -20162,7 +20170,7 @@ export type operations = {
    * notes/polls/recommendation
    * @description No description provided.
    *
-   * **Credential required**: *Yes*
+   * **Credential required**: *Yes* / **Permission**: *read:account*
    */
   'notes/polls/recommendation': {
     requestBody: {
@@ -20762,7 +20770,7 @@ export type operations = {
    * notes/state
    * @description No description provided.
    *
-   * **Credential required**: *Yes*
+   * **Credential required**: *Yes* / **Permission**: *read:account*
    */
   'notes/state': {
     requestBody: {
@@ -20929,7 +20937,7 @@ export type operations = {
    * notes/timeline
    * @description No description provided.
    *
-   * **Credential required**: *Yes*
+   * **Credential required**: *Yes* / **Permission**: *read:account*
    */
   'notes/timeline': {
     requestBody: {
@@ -21001,7 +21009,7 @@ export type operations = {
    * notes/translate
    * @description No description provided.
    *
-   * **Credential required**: *Yes*
+   * **Credential required**: *Yes* / **Permission**: *read:account*
    */
   'notes/translate': {
     requestBody: {
@@ -21117,7 +21125,7 @@ export type operations = {
    * notes/user-list-timeline
    * @description No description provided.
    *
-   * **Credential required**: *Yes*
+   * **Credential required**: *Yes* / **Permission**: *read:account*
    */
   'notes/user-list-timeline': {
     requestBody: {
@@ -22409,7 +22417,7 @@ export type operations = {
    * promo/read
    * @description No description provided.
    *
-   * **Credential required**: *Yes*
+   * **Credential required**: *Yes* / **Permission**: *write:account*
    */
   'promo/read': {
     requestBody: {
@@ -22461,7 +22469,7 @@ export type operations = {
    * roles/list
    * @description No description provided.
    *
-   * **Credential required**: *Yes*
+   * **Credential required**: *Yes* / **Permission**: *read:account*
    */
   'roles/list': {
     responses: {
@@ -22625,7 +22633,7 @@ export type operations = {
    * roles/notes
    * @description No description provided.
    *
-   * **Credential required**: *Yes*
+   * **Credential required**: *Yes* / **Permission**: *read:account*
    */
   'roles/notes': {
     requestBody: {
@@ -22954,6 +22962,7 @@ export type operations = {
    * sw/show-registration
    * @description Check push notification registration exists.
    *
+   * **Internal Endpoint**: This endpoint is an API for the misskey mainframe and is not intended for use by third parties.
    * **Credential required**: *Yes*
    */
   'sw/show-registration': {
@@ -23015,6 +23024,7 @@ export type operations = {
    * sw/update-registration
    * @description Update push notification registration.
    *
+   * **Internal Endpoint**: This endpoint is an API for the misskey mainframe and is not intended for use by third parties.
    * **Credential required**: *Yes*
    */
   'sw/update-registration': {
@@ -23073,6 +23083,7 @@ export type operations = {
    * sw/register
    * @description Register to receive push notifications.
    *
+   * **Internal Endpoint**: This endpoint is an API for the misskey mainframe and is not intended for use by third parties.
    * **Credential required**: *Yes*
    */
   'sw/register': {
@@ -24077,7 +24088,7 @@ export type operations = {
    * users/lists/favorite
    * @description No description provided.
    *
-   * **Credential required**: *Yes*
+   * **Credential required**: *Yes* / **Permission**: *write:account*
    */
   'users/lists/favorite': {
     requestBody: {
@@ -24129,7 +24140,7 @@ export type operations = {
    * users/lists/unfavorite
    * @description No description provided.
    *
-   * **Credential required**: *Yes*
+   * **Credential required**: *Yes* / **Permission**: *write:account*
    */
   'users/lists/unfavorite': {
     requestBody: {
@@ -24237,7 +24248,7 @@ export type operations = {
    * users/lists/create-from-public
    * @description No description provided.
    *
-   * **Credential required**: *Yes*
+   * **Credential required**: *Yes* / **Permission**: *write:account*
    */
   'users/lists/create-from-public': {
     requestBody: {
@@ -24728,7 +24739,7 @@ export type operations = {
    * users/relation
    * @description Show the different kinds of relations between the authenticated user and the specified user(s).
    *
-   * **Credential required**: *Yes*
+   * **Credential required**: *Yes* / **Permission**: *read:account*
    */
   'users/relation': {
     requestBody: {
@@ -24803,7 +24814,7 @@ export type operations = {
    * users/report-abuse
    * @description File a report.
    *
-   * **Credential required**: *Yes*
+   * **Credential required**: *Yes* / **Permission**: *write:report-abuse*
    */
   'users/report-abuse': {
     requestBody: {
@@ -25036,7 +25047,7 @@ export type operations = {
    * users/achievements
    * @description No description provided.
    *
-   * **Credential required**: *Yes*
+   * **Credential required**: *No*
    */
   'users/achievements': {
     requestBody: {
@@ -25202,6 +25213,7 @@ export type operations = {
    * fetch-external-resources
    * @description No description provided.
    *
+   * **Internal Endpoint**: This endpoint is an API for the misskey mainframe and is not intended for use by third parties.
    * **Credential required**: *Yes*
    */
   'fetch-external-resources': {
diff --git a/packages/misskey-js/src/consts.ts b/packages/misskey-js/src/consts.ts
index e769bb9e6d..0e446c1215 100644
--- a/packages/misskey-js/src/consts.ts
+++ b/packages/misskey-js/src/consts.ts
@@ -45,7 +45,55 @@ export const permissions = [
 	'write:flash',
 	'read:flash-likes',
 	'write:flash-likes',
-];
+	'read:admin:abuse-user-reports',
+	'write:admin:delete-account',
+	'write:admin:delete-all-files-of-a-user',
+	'read:admin:index-stats',
+	'read:admin:table-stats',
+	'read:admin:user-ips',
+	'read:admin:meta',
+	'write:admin:reset-password',
+	'write:admin:resolve-abuse-user-report',
+	'write:admin:send-email',
+	'read:admin:server-info',
+	'read:admin:show-moderation-log',
+	'read:admin:show-user',
+	'read:admin:show-users',
+	'write:admin:suspend-user',
+	'write:admin:unset-user-avatar',
+	'write:admin:unset-user-banner',
+	'write:admin:unsuspend-user',
+	'write:admin:meta',
+	'write:admin:user-note',
+	'write:admin:roles',
+	'read:admin:roles',
+	'write:admin:relays',
+	'read:admin:relays',
+	'write:admin:invite-codes',
+	'read:admin:invite-codes',
+	'write:admin:announcements',
+	'read:admin:announcements',
+	'write:admin:avatar-decorations',
+	'read:admin:avatar-decorations',
+	'write:admin:federation',
+	'write:admin:account',
+	'read:admin:account',
+	'write:admin:emoji',
+	'read:admin:emoji',
+	'write:admin:queue',
+	'read:admin:queue',
+	'write:admin:promo',
+	'write:admin:drive',
+	'read:admin:drive',
+	'write:admin:ad',
+	'read:admin:ad',
+	'write:invite-codes',
+	'read:invite-codes',
+	'write:clip-favorite',
+	'read:clip-favorite',
+	'read:federation',
+	'write:report-abuse',
+] as const;
 
 export const moderationLogTypes = [
 	'updateServerSettings',