diff --git a/Makefile b/Makefile
index a1ad7ad5..ef22e707 100644
--- a/Makefile
+++ b/Makefile
@@ -1,6 +1,6 @@
 SHELL := /bin/bash
 
-export API_TAGS ?= ExternalClusterAPI,PoliciesAPI,NodeConfigurationAPI,NodeTemplatesAPI,AuthTokenAPI,ScheduledRebalancingAPI,InventoryAPI,UsersAPI,OperationsAPI,EvictorAPI,SSOAPI,CommitmentsAPI,WorkloadOptimizationAPI,RbacServiceAPI
+export API_TAGS ?= ExternalClusterAPI,PoliciesAPI,NodeConfigurationAPI,NodeTemplatesAPI,AuthTokenAPI,ScheduledRebalancingAPI,InventoryAPI,UsersAPI,OperationsAPI,EvictorAPI,SSOAPI,CommitmentsAPI,WorkloadOptimizationAPI,ServiceAccountsAPI,RbacServiceAPI
 export SWAGGER_LOCATION ?= https://api.cast.ai/v1/spec/openapi.json
 
 default: build
diff --git a/castai/provider.go b/castai/provider.go
index 4958aa45..66933cf7 100644
--- a/castai/provider.go
+++ b/castai/provider.go
@@ -52,6 +52,7 @@ func Provider(version string) *schema.Provider {
 			"castai_commitments":                resourceCommitments(),
 			"castai_organization_members":       resourceOrganizationMembers(),
 			"castai_sso_connection":             resourceSSOConnection(),
+			"castai_service_account":            resourceServiceAccount(),
 			"castai_workload_scaling_policy":    resourceWorkloadScalingPolicy(),
 			"castai_organization_group":         resourceOrganizationGroup(),
 			"castai_role_bindings":              resourceRoleBindings(),
diff --git a/castai/resource_service_account.go b/castai/resource_service_account.go
new file mode 100644
index 00000000..6928d6bb
--- /dev/null
+++ b/castai/resource_service_account.go
@@ -0,0 +1,280 @@
+package castai
+
+import (
+	"context"
+	"fmt"
+	"net/http"
+	"time"
+
+	"github.com/hashicorp/terraform-plugin-log/tflog"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+
+	"github.com/castai/terraform-provider-castai/castai/sdk"
+)
+
+const (
+	FieldServiceAccountOrganizationID = "organization_id"
+	FieldServiceAccountName           = "name"
+	FieldServiceAccountID             = "service_account_id"
+	FieldServiceAccountDescription    = "description"
+	FieldServiceAccountEmail          = "email"
+
+	FieldServiceAccountAuthor      = "author"
+	FieldServiceAccountAuthorID    = "id"
+	FieldServiceAccountAuthorEmail = "email"
+	FieldServiceAccountAuthorKind  = "kind"
+)
+
+func resourceServiceAccount() *schema.Resource {
+	return &schema.Resource{
+		CreateContext: resourceServiceAccountCreate,
+		ReadContext:   resourceServiceAccountRead,
+		UpdateContext: resourceServiceAccountUpdate,
+		DeleteContext: resourceServiceAccountDelete,
+
+		Description: "Service Account resource allows managing CAST AI service accounts.",
+		Timeouts: &schema.ResourceTimeout{
+			Create: schema.DefaultTimeout(3 * time.Minute),
+			Update: schema.DefaultTimeout(3 * time.Minute),
+			Delete: schema.DefaultTimeout(3 * time.Minute),
+		},
+
+		Schema: map[string]*schema.Schema{
+			FieldServiceAccountOrganizationID: {
+				Type:        schema.TypeString,
+				Required:    true,
+				ForceNew:    true,
+				Description: "ID of the organization.",
+			},
+			FieldServiceAccountName: {
+				Type:        schema.TypeString,
+				Required:    true,
+				Description: "Name of the service account.",
+			},
+			FieldServiceAccountDescription: {
+				Type:        schema.TypeString,
+				Optional:    true,
+				Description: "Description of the service account.",
+			},
+			FieldServiceAccountEmail: {
+				Type:        schema.TypeString,
+				Computed:    true,
+				Description: "Email of the service account.",
+			},
+			FieldServiceAccountAuthor: {
+				Type: schema.TypeList,
+				Elem: &schema.Resource{
+					Schema: map[string]*schema.Schema{
+						FieldServiceAccountAuthorID:    {Type: schema.TypeString, Computed: true},
+						FieldServiceAccountAuthorEmail: {Type: schema.TypeString, Computed: true},
+						FieldServiceAccountAuthorKind:  {Type: schema.TypeString, Computed: true},
+					},
+				},
+				Computed:    true,
+				Description: "Author of the service account.",
+			},
+		},
+	}
+}
+
+func resourceServiceAccountRead(ctx context.Context, data *schema.ResourceData, meta interface{}) diag.Diagnostics {
+	client := meta.(*ProviderConfig).api
+
+	if data.Id() == "" {
+		return diag.Errorf("service account ID is not set")
+	}
+
+	organizationID, err := getOrganizationID(ctx, data, meta)
+	if err != nil {
+		return diag.FromErr(err)
+	}
+
+	tflog.Info(ctx, "reading service account", map[string]interface{}{
+		"resource_id":     data.Id(),
+		"organization_id": organizationID,
+	})
+
+	resp, err := client.ServiceAccountsAPIGetServiceAccountWithResponse(ctx, organizationID, data.Id())
+	if resp.StatusCode() == http.StatusNotFound {
+		tflog.Warn(ctx, "resource is not found, removing from state", map[string]interface{}{
+			"resource_id":     data.Id(),
+			"organization_id": organizationID,
+		})
+		data.SetId("") // Mark resource as deleted
+		return nil
+	}
+	if err := sdk.CheckOKResponse(resp, err); err != nil {
+		return diag.Errorf("getting service account: %v", err)
+	}
+
+	tflog.Info(ctx, "found service account", map[string]interface{}{
+		"resource_id":     data.Id(),
+		"organization_id": organizationID,
+	})
+	serviceAccount := resp.JSON200
+
+	if err := data.Set(FieldServiceAccountName, serviceAccount.ServiceAccount.Name); err != nil {
+		return diag.Errorf("setting service account name: %v", err)
+	}
+
+	if err := data.Set(FieldServiceAccountEmail, serviceAccount.ServiceAccount.Email); err != nil {
+		return diag.Errorf("setting service account email: %v", err)
+	}
+
+	if err := data.Set(FieldServiceAccountDescription, serviceAccount.ServiceAccount.Description); err != nil {
+		return diag.Errorf("setting service account description: %v", err)
+	}
+
+	authorData := flattenServiceAccountAuthor(serviceAccount.ServiceAccount.Author)
+	if err := data.Set(FieldServiceAccountAuthor, authorData); err != nil {
+		return diag.Errorf("setting service account author: %v", err)
+	}
+	return nil
+}
+
+func resourceServiceAccountCreate(ctx context.Context, data *schema.ResourceData, meta interface{}) diag.Diagnostics {
+	client := meta.(*ProviderConfig).api
+
+	organizationID, err := getOrganizationID(ctx, data, meta)
+	if err != nil {
+		return diag.FromErr(err)
+	}
+
+	name := data.Get(FieldServiceAccountName).(string)
+	description := data.Get(FieldServiceAccountDescription).(string)
+
+	tflog.Info(ctx, "creating service account", map[string]interface{}{
+		"name":            name,
+		"description":     description,
+		"organization_id": organizationID,
+	})
+
+	resp, err := client.ServiceAccountsAPICreateServiceAccountWithResponse(ctx, organizationID, sdk.CastaiServiceaccountsV1beta1CreateServiceAccountRequestServiceAccount{
+		Name:        name,
+		Description: &description,
+	},
+	)
+
+	if err := sdk.CheckResponseCreated(resp, err); err != nil {
+		return diag.Errorf("creating service account: %v", err)
+	}
+
+	tflog.Info(ctx, "created service account", map[string]interface{}{
+		"resource_id":     *resp.JSON201.Id,
+		"organization_id": organizationID,
+	})
+	data.SetId(*resp.JSON201.Id)
+
+	return resourceServiceAccountRead(ctx, data, meta)
+}
+
+func resourceServiceAccountUpdate(ctx context.Context, data *schema.ResourceData, meta interface{}) diag.Diagnostics {
+	client := meta.(*ProviderConfig).api
+
+	organizationID, err := getOrganizationID(ctx, data, meta)
+	if err != nil {
+		return diag.FromErr(err)
+	}
+
+	serviceAccountID := data.Id()
+	name := data.Get(FieldServiceAccountName).(string)
+	description := data.Get(FieldServiceAccountDescription).(string)
+
+	tflog.Info(ctx, "updating service account", map[string]interface{}{
+		"resource_id":     serviceAccountID,
+		"name":            name,
+		"description":     description,
+		"organization_id": organizationID,
+	})
+
+	resp, err := client.ServiceAccountsAPIUpdateServiceAccountWithResponse(
+		ctx,
+		organizationID,
+		serviceAccountID,
+		sdk.ServiceAccountsAPIUpdateServiceAccountRequest{
+			ServiceAccount: sdk.CastaiServiceaccountsV1beta1UpdateServiceAccountRequestServiceAccount{
+				Name:        name,
+				Description: &description,
+			},
+		},
+	)
+
+	if err := sdk.CheckOKResponse(resp, err); err != nil {
+		return diag.Errorf("updating service account: %v", err)
+	}
+
+	tflog.Info(ctx, "created service account", map[string]interface{}{
+		"resource_id":     serviceAccountID,
+		"organization_id": organizationID,
+		"name":            name,
+		"description":     description,
+	})
+
+	return resourceServiceAccountRead(ctx, data, meta)
+}
+
+func resourceServiceAccountDelete(ctx context.Context, data *schema.ResourceData, meta interface{}) diag.Diagnostics {
+	client := meta.(*ProviderConfig).api
+	organizationID, err := getOrganizationID(ctx, data, meta)
+	if err != nil {
+		return diag.FromErr(err)
+	}
+	serviceAccountID := data.Id()
+
+	tflog.Info(ctx, "deleting service account", map[string]interface{}{
+		"resource_id":     serviceAccountID,
+		"organization_id": organizationID,
+	})
+
+	resp, err := client.ServiceAccountsAPIDeleteServiceAccount(ctx, organizationID, serviceAccountID)
+	if err != nil {
+		return diag.Errorf("deleting service account: %v", err)
+	}
+	if resp.StatusCode != http.StatusNoContent {
+		return diag.Errorf("deleteting service account: expected status: [204], received status: [%d]", resp.StatusCode)
+	}
+
+	tflog.Info(ctx, "deleted service account", map[string]interface{}{
+		"resource_id":     serviceAccountID,
+		"organization_id": organizationID,
+	})
+
+	return nil
+}
+
+func flattenServiceAccountAuthor(author *sdk.CastaiServiceaccountsV1beta1ServiceAccountAuthor) []map[string]interface{} {
+	if author == nil {
+		return []map[string]interface{}{}
+	}
+
+	return []map[string]interface{}{
+		{
+			FieldServiceAccountAuthorID:    stringValue(author.Id),
+			FieldServiceAccountAuthorEmail: stringValue(author.Email),
+			FieldServiceAccountAuthorKind:  stringValue(author.Kind),
+		},
+	}
+}
+
+func stringValue(value *string) string {
+	if value == nil {
+		return ""
+	}
+	return *value
+}
+
+func getOrganizationID(ctx context.Context, data *schema.ResourceData, meta interface{}) (string, error) {
+	var organizationID string
+	var err error
+
+	organizationID = data.Get(FieldServiceAccountOrganizationID).(string)
+	if organizationID == "" {
+		organizationID, err = getDefaultOrganizationId(ctx, meta)
+		if err != nil {
+			return "", fmt.Errorf("getting organization ID: %w", err)
+		}
+	}
+
+	return organizationID, nil
+}
diff --git a/castai/resource_service_account_test.go b/castai/resource_service_account_test.go
new file mode 100644
index 00000000..62ab2b31
--- /dev/null
+++ b/castai/resource_service_account_test.go
@@ -0,0 +1,610 @@
+package castai
+
+import (
+	"bytes"
+	"context"
+	"encoding/json"
+	"fmt"
+	"io"
+	"net/http"
+	"testing"
+	"time"
+
+	"github.com/golang/mock/gomock"
+	"github.com/hashicorp/go-cty/cty"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/terraform"
+	"github.com/stretchr/testify/require"
+
+	"github.com/castai/terraform-provider-castai/castai/sdk"
+	mock_sdk "github.com/castai/terraform-provider-castai/castai/sdk/mock"
+)
+
+func TestServiceAccountReadContext(t *testing.T) {
+	t.Parallel()
+
+	t.Run("when state is missing service account ID then return error", func(t *testing.T) {
+		r := require.New(t)
+
+		ctx := context.Background()
+		provider := &ProviderConfig{}
+
+		stateValue := cty.ObjectVal(map[string]cty.Value{})
+		state := terraform.NewInstanceStateShimmedFromValue(stateValue, 0)
+
+		resource := resourceServiceAccount()
+		data := resource.Data(state)
+
+		result := resource.ReadContext(ctx, data, provider)
+
+		r.NotNil(result)
+		r.True(result.HasError())
+		r.Len(result, 1)
+		r.Equal("service account ID is not set", result[0].Summary)
+	})
+
+	t.Run("when ServiceAccountAPI respond with 404 then remove form the state gracefully", func(t *testing.T) {
+		r := require.New(t)
+		mockClient := mock_sdk.NewMockClientInterface(gomock.NewController(t))
+
+		ctx := context.Background()
+		provider := &ProviderConfig{
+			api: &sdk.ClientWithResponses{
+				ClientInterface: mockClient,
+			},
+		}
+		body := io.NopCloser(bytes.NewReader([]byte("")))
+
+		organizationID := "4e4cd9eb-82eb-407e-a926-e5fef81cab50"
+		serviceAccountID := "b11f5945-22ca-4101-a86e-d6e37f44a415"
+
+		mockClient.EXPECT().
+			ServiceAccountsAPIGetServiceAccount(gomock.Any(), organizationID, serviceAccountID).
+			Return(&http.Response{StatusCode: http.StatusNotFound, Body: body, Header: map[string][]string{"Content-Type": {"json"}}}, nil)
+
+		stateValue := cty.ObjectVal(map[string]cty.Value{
+			"organization_id": cty.StringVal(organizationID),
+		})
+		state := terraform.NewInstanceStateShimmedFromValue(stateValue, 0)
+		state.ID = serviceAccountID
+
+		resource := resourceServiceAccount()
+		data := resource.Data(state)
+
+		result := resource.ReadContext(ctx, data, provider)
+
+		r.Nil(result)
+		r.False(result.HasError())
+		r.Empty(data.Id())
+	})
+
+	t.Run("when ServiceAccountAPI respond with 500 then return error", func(t *testing.T) {
+		r := require.New(t)
+		mockClient := mock_sdk.NewMockClientInterface(gomock.NewController(t))
+
+		ctx := context.Background()
+		provider := &ProviderConfig{
+			api: &sdk.ClientWithResponses{
+				ClientInterface: mockClient,
+			},
+		}
+		body := io.NopCloser(bytes.NewReader([]byte("panic")))
+
+		organizationID := "4e4cd9eb-82eb-407e-a926-e5fef81cab50"
+		serviceAccountID := "b11f5945-22ca-4101-a86e-d6e37f44a415"
+
+		mockClient.EXPECT().
+			ServiceAccountsAPIGetServiceAccount(gomock.Any(), organizationID, serviceAccountID).
+			Return(&http.Response{StatusCode: http.StatusInternalServerError, Body: body, Header: map[string][]string{"Content-Type": {"json"}}}, nil)
+
+		stateValue := cty.ObjectVal(map[string]cty.Value{
+			"organization_id": cty.StringVal(organizationID),
+		})
+		state := terraform.NewInstanceStateShimmedFromValue(stateValue, 0)
+		state.ID = serviceAccountID
+
+		resource := resourceServiceAccount()
+		data := resource.Data(state)
+
+		result := resource.ReadContext(ctx, data, provider)
+
+		r.NotNil(result)
+		r.True(result.HasError())
+		r.Len(result, 1)
+		r.Equal("getting service account: expected status code 200, received: status=500 body=panic", result[0].Summary)
+	})
+
+	t.Run("when ServiceAccountAPI respond with 200 then populate the state", func(t *testing.T) {
+		r := require.New(t)
+		mockClient := mock_sdk.NewMockClientInterface(gomock.NewController(t))
+
+		ctx := context.Background()
+		provider := &ProviderConfig{
+			api: &sdk.ClientWithResponses{
+				ClientInterface: mockClient,
+			},
+		}
+
+		organizationID := "4e4cd9eb-82eb-407e-a926-e5fef81cab50"
+		serviceAccountID := "b11f5945-22ca-4101-a86e-d6e37f44a415"
+		userID := "671b2ebb-f361-42f0-aa2f-3049de93f8c1"
+
+		body := io.NopCloser(bytes.NewReader([]byte(fmt.Sprintf(`{
+  "serviceAccount": {
+    "id": %q,
+    "name": "service-account-name",
+    "email": "service-account-email",
+    "description": "service-account-description",
+    "createdAt": "2024-12-01T15:19:40.384Z",
+    "author": {
+      "id": %q,
+      "kind": "user",
+      "email": "user-email"
+    },
+    "keys": [
+      {
+        "id": "id",
+        "name": "test",
+        "prefix": "prefix",
+        "lastUsedAt": "2024-12-01T15:19:40.384Z",
+        "expiresAt": "2024-12-01T15:19:40.384Z",
+        "active": true
+      }
+    ]
+  }
+}`, serviceAccountID, userID))))
+
+		mockClient.EXPECT().
+			ServiceAccountsAPIGetServiceAccount(gomock.Any(), organizationID, serviceAccountID).
+			Return(&http.Response{StatusCode: http.StatusOK, Body: body, Header: map[string][]string{"Content-Type": {"json"}}}, nil)
+
+		stateValue := cty.ObjectVal(map[string]cty.Value{
+			"organization_id": cty.StringVal(organizationID),
+		})
+		state := terraform.NewInstanceStateShimmedFromValue(stateValue, 0)
+		state.ID = serviceAccountID
+
+		resource := resourceServiceAccount()
+		data := resource.Data(state)
+
+		result := resource.ReadContext(ctx, data, provider)
+
+		r.Nil(result)
+		r.False(result.HasError())
+		r.Equal(fmt.Sprintf(`ID = %s
+author.# = 1
+author.0.email = user-email
+author.0.id = %s
+author.0.kind = user
+description = service-account-description
+email = service-account-email
+name = service-account-name
+organization_id = %s
+Tainted = false
+`, serviceAccountID, userID, organizationID), data.State().String())
+	})
+}
+
+func TestServiceAccountCreateContext(t *testing.T) {
+	t.Parallel()
+
+	t.Run("when ServiceAccountsAPI responds with 201 then populate the state", func(t *testing.T) {
+		r := require.New(t)
+		mockClient := mock_sdk.NewMockClientInterface(gomock.NewController(t))
+
+		ctx := context.Background()
+		provider := &ProviderConfig{
+			api: &sdk.ClientWithResponses{
+				ClientInterface: mockClient,
+			},
+		}
+
+		organizationID := "4e4cd9eb-82eb-407e-a926-e5fef81cab50"
+		serviceAccountID := "b11f5945-22ca-4101-a86e-d6e37f44a415"
+		serviceAccountEmail := "service-account-email"
+		name := "service-account-name"
+		description := "service-account-description"
+		userID := "671b2ebb-f361-42f0-aa2f-3049de93f8c1"
+		userEmail := "user-email"
+		createdAt := time.Date(2024, 12, 1, 15, 19, 40, 384000000, time.UTC)
+
+		mockClient.EXPECT().
+			ServiceAccountsAPICreateServiceAccount(gomock.Any(), organizationID, gomock.Any()).
+			DoAndReturn(func(_ context.Context, orgID string, req sdk.ServiceAccountsAPICreateServiceAccountJSONRequestBody) (*http.Response, error) {
+				r.Equal(organizationID, orgID)
+				r.Equal(name, req.Name)
+				r.Equal(description, *req.Description)
+
+				resp := &sdk.CastaiServiceaccountsV1beta1CreateServiceAccountResponse{
+					Id:          &serviceAccountID,
+					Name:        &name,
+					Description: &description,
+					Email:       &serviceAccountEmail,
+					Author: &sdk.CastaiServiceaccountsV1beta1CreateServiceAccountResponseAuthor{
+						Id:    &userID,
+						Email: &userEmail,
+					},
+					CreatedAt: &createdAt,
+				}
+				body := bytes.NewBuffer([]byte(""))
+				err := json.NewEncoder(body).Encode(resp)
+				r.NoError(err)
+				return &http.Response{StatusCode: http.StatusCreated, Body: io.NopCloser(body), Header: map[string][]string{"Content-Type": {"json"}}}, nil
+			})
+		mockClient.EXPECT().
+			ServiceAccountsAPIGetServiceAccount(gomock.Any(), organizationID, serviceAccountID).
+			DoAndReturn(func(_ context.Context, orgID string, serviceAccountID string) (*http.Response, error) {
+				resp := &sdk.CastaiServiceaccountsV1beta1GetServiceAccountResponse{
+					ServiceAccount: sdk.CastaiServiceaccountsV1beta1ServiceAccount{
+						Id:          &serviceAccountID,
+						Name:        &name,
+						Description: &description,
+						Email:       &serviceAccountEmail,
+						Author: &sdk.CastaiServiceaccountsV1beta1ServiceAccountAuthor{
+							Id:    &userID,
+							Email: &userEmail,
+						},
+						CreatedAt: &createdAt,
+					},
+				}
+				body := bytes.NewBuffer([]byte(""))
+				err := json.NewEncoder(body).Encode(resp)
+				r.NoError(err)
+				return &http.Response{StatusCode: http.StatusOK, Body: io.NopCloser(body), Header: map[string][]string{"Content-Type": {"json"}}}, nil
+			})
+		resource := resourceServiceAccount()
+		stateValue := cty.ObjectVal(map[string]cty.Value{
+			"organization_id": cty.StringVal(organizationID),
+			"name":            cty.StringVal(name),
+			"description":     cty.StringVal(description),
+		})
+
+		state := terraform.NewInstanceStateShimmedFromValue(stateValue, 0)
+		data := resource.Data(state)
+
+		result := resource.CreateContext(ctx, data, provider)
+
+		r.Nil(result)
+		r.False(result.HasError())
+		r.Equal(serviceAccountID, data.Id())
+	})
+
+	t.Run("when ServiceAccountsAPI responds with an error then return error", func(t *testing.T) {
+		r := require.New(t)
+		mockClient := mock_sdk.NewMockClientInterface(gomock.NewController(t))
+
+		ctx := context.Background()
+		provider := &ProviderConfig{
+			api: &sdk.ClientWithResponses{
+				ClientInterface: mockClient,
+			},
+		}
+
+		organizationID := "4e4cd9eb-82eb-407e-a926-e5fef81cab50"
+		name := "service-account-name"
+		description := "service-account-description"
+
+		mockClient.EXPECT().
+			ServiceAccountsAPICreateServiceAccount(gomock.Any(), organizationID, gomock.Any()).
+			Return(nil, fmt.Errorf("mock network error"))
+
+		resource := resourceServiceAccount()
+		stateValue := cty.ObjectVal(map[string]cty.Value{
+			"organization_id": cty.StringVal(organizationID),
+			"name":            cty.StringVal(name),
+			"description":     cty.StringVal(description),
+		})
+
+		state := terraform.NewInstanceStateShimmedFromValue(stateValue, 0)
+		data := resource.Data(state)
+
+		result := resource.CreateContext(ctx, data, provider)
+
+		r.NotNil(result)
+		r.True(result.HasError())
+		r.Len(result, 1)
+		r.Equal("creating service account: mock network error", result[0].Summary)
+	})
+
+	t.Run("when ServiceAccountsAPI responds with non-201 status then return error", func(t *testing.T) {
+		r := require.New(t)
+		mockClient := mock_sdk.NewMockClientInterface(gomock.NewController(t))
+
+		ctx := context.Background()
+		provider := &ProviderConfig{
+			api: &sdk.ClientWithResponses{
+				ClientInterface: mockClient,
+			},
+		}
+
+		organizationID := "4e4cd9eb-82eb-407e-a926-e5fef81cab50"
+		name := "service-account-name"
+		description := "service-account-description"
+
+		body := io.NopCloser(bytes.NewReader([]byte("mock error response")))
+
+		mockClient.EXPECT().
+			ServiceAccountsAPICreateServiceAccount(gomock.Any(), organizationID, gomock.Any()).
+			Return(&http.Response{
+				StatusCode: http.StatusInternalServerError,
+				Body:       body,
+			}, nil)
+
+		resource := resourceServiceAccount()
+		stateValue := cty.ObjectVal(map[string]cty.Value{
+			"organization_id": cty.StringVal(organizationID),
+			"name":            cty.StringVal(name),
+			"description":     cty.StringVal(description),
+		})
+
+		state := terraform.NewInstanceStateShimmedFromValue(stateValue, 0)
+		data := resource.Data(state)
+
+		result := resource.CreateContext(ctx, data, provider)
+
+		r.NotNil(result)
+		r.True(result.HasError())
+		r.Len(result, 1)
+		r.Equal("creating service account: expected status code 201, received: status=500 body=mock error response", result[0].Summary)
+	})
+}
+
+func TestServiceAccountDeleteContext(t *testing.T) {
+	t.Run("when ServiceAccountsAPI responds with an error then return error", func(t *testing.T) {
+		r := require.New(t)
+		mockClient := mock_sdk.NewMockClientInterface(gomock.NewController(t))
+
+		ctx := context.Background()
+		provider := &ProviderConfig{
+			api: &sdk.ClientWithResponses{
+				ClientInterface: mockClient,
+			},
+		}
+
+		organizationID := "4e4cd9eb-82eb-407e-a926-e5fef81cab50"
+		serviceAccountID := "4e4cd9eb-82eb-407e-a926-e5fef81cab51"
+
+		mockClient.EXPECT().
+			ServiceAccountsAPIDeleteServiceAccount(gomock.Any(), organizationID, serviceAccountID).
+			Return(nil, fmt.Errorf("mock network error"))
+
+		resource := resourceServiceAccount()
+		stateValue := cty.ObjectVal(map[string]cty.Value{
+			"organization_id": cty.StringVal(organizationID),
+		})
+
+		state := terraform.NewInstanceStateShimmedFromValue(stateValue, 0)
+		state.ID = serviceAccountID
+		data := resource.Data(state)
+
+		result := resource.DeleteContext(ctx, data, provider)
+
+		r.NotNil(result)
+		r.True(result.HasError())
+		r.Len(result, 1)
+		r.Equal("deleting service account: mock network error", result[0].Summary)
+	})
+
+	t.Run("when ServiceAccountsAPI responds with non-201 status then return error", func(t *testing.T) {
+		r := require.New(t)
+		mockClient := mock_sdk.NewMockClientInterface(gomock.NewController(t))
+
+		ctx := context.Background()
+		provider := &ProviderConfig{
+			api: &sdk.ClientWithResponses{
+				ClientInterface: mockClient,
+			},
+		}
+
+		organizationID := "4e4cd9eb-82eb-407e-a926-e5fef81cab50"
+		serviceAccountID := "4e4cd9eb-82eb-407e-a926-e5fef81cab51"
+
+		body := io.NopCloser(bytes.NewReader([]byte("mock error response")))
+
+		mockClient.EXPECT().
+			ServiceAccountsAPIDeleteServiceAccount(gomock.Any(), organizationID, gomock.Any()).
+			Return(&http.Response{
+				StatusCode: http.StatusInternalServerError,
+				Body:       body,
+			}, nil)
+
+		resource := resourceServiceAccount()
+		stateValue := cty.ObjectVal(map[string]cty.Value{
+			"organization_id": cty.StringVal(organizationID),
+		})
+
+		state := terraform.NewInstanceStateShimmedFromValue(stateValue, 0)
+		state.ID = serviceAccountID
+		data := resource.Data(state)
+
+		result := resource.DeleteContext(ctx, data, provider)
+
+		r.NotNil(result)
+		r.True(result.HasError())
+		r.Len(result, 1)
+		r.Equal("deleteting service account: expected status: [204], received status: [500]", result[0].Summary)
+	})
+
+	t.Run("when ServiceAccountsAPI responds with 204 then return nil", func(t *testing.T) {
+		r := require.New(t)
+		mockClient := mock_sdk.NewMockClientInterface(gomock.NewController(t))
+
+		ctx := context.Background()
+		provider := &ProviderConfig{
+			api: &sdk.ClientWithResponses{
+				ClientInterface: mockClient,
+			},
+		}
+
+		organizationID := "4e4cd9eb-82eb-407e-a926-e5fef81cab50"
+		serviceAccountID := "4e4cd9eb-82eb-407e-a926-e5fef81cab51"
+
+		mockClient.EXPECT().
+			ServiceAccountsAPIDeleteServiceAccount(gomock.Any(), organizationID, gomock.Any()).
+			Return(&http.Response{
+				StatusCode: http.StatusNoContent,
+			}, nil)
+
+		resource := resourceServiceAccount()
+		stateValue := cty.ObjectVal(map[string]cty.Value{
+			"organization_id": cty.StringVal(organizationID),
+		})
+
+		state := terraform.NewInstanceStateShimmedFromValue(stateValue, 0)
+		state.ID = serviceAccountID
+		data := resource.Data(state)
+
+		result := resource.DeleteContext(ctx, data, provider)
+
+		r.Nil(result)
+		r.False(result.HasError())
+		r.Empty(data.Get(FieldServiceAccountID))
+		r.Empty(data.Get(FieldServiceAccountEmail))
+		r.Empty(data.Get(FieldServiceAccountName))
+		r.Empty(data.Get(FieldServiceAccountDescription))
+		r.Empty(data.Get(FieldServiceAccountAuthor))
+	})
+}
+
+func TestServiceAccountUpdateContext(t *testing.T) {
+	t.Run("when ServiceAccountsAPI responds with an error then return error", func(t *testing.T) {
+		r := require.New(t)
+		mockClient := mock_sdk.NewMockClientInterface(gomock.NewController(t))
+		ctx := context.Background()
+		provider := &ProviderConfig{
+			api: &sdk.ClientWithResponses{
+				ClientInterface: mockClient,
+			},
+		}
+
+		organizationID := "4e4cd9eb-82eb-407e-a926-e5fef81cab50"
+		serviceAccountID := "4e4cd9eb-82eb-407e-a926-e5fef81cab51"
+
+		mockClient.EXPECT().
+			ServiceAccountsAPIUpdateServiceAccount(gomock.Any(), organizationID, serviceAccountID, gomock.Any()).
+			Return(nil, fmt.Errorf("mock network error"))
+
+		resource := resourceServiceAccount()
+		stateValue := cty.ObjectVal(map[string]cty.Value{
+			"organization_id": cty.StringVal(organizationID),
+			"name":            cty.StringVal("new name"),
+			"description":     cty.StringVal("new description"),
+		})
+		state := terraform.NewInstanceStateShimmedFromValue(stateValue, 0)
+		state.ID = serviceAccountID
+		data := resource.Data(state)
+
+		result := resource.UpdateContext(ctx, data, provider)
+
+		r.NotNil(result)
+		r.True(result.HasError())
+		r.Len(result, 1)
+		r.Equal("updating service account: mock network error", result[0].Summary)
+	})
+
+	t.Run("when ServiceAccountsAPI responds with non-200 status then return error", func(t *testing.T) {
+		r := require.New(t)
+		mockClient := mock_sdk.NewMockClientInterface(gomock.NewController(t))
+		ctx := context.Background()
+		provider := &ProviderConfig{
+			api: &sdk.ClientWithResponses{
+				ClientInterface: mockClient,
+			},
+		}
+
+		organizationID := "4e4cd9eb-82eb-407e-a926-e5fef81cab50"
+		serviceAccountID := "4e4cd9eb-82eb-407e-a926-e5fef81cab51"
+
+		body := io.NopCloser(bytes.NewReader([]byte("mock error response")))
+
+		mockClient.EXPECT().
+			ServiceAccountsAPIUpdateServiceAccount(gomock.Any(), organizationID, serviceAccountID, gomock.Any()).
+			Return(&http.Response{
+				StatusCode: http.StatusInternalServerError,
+				Body:       body,
+			}, nil)
+
+		resource := resourceServiceAccount()
+		stateValue := cty.ObjectVal(map[string]cty.Value{
+			"organization_id": cty.StringVal(organizationID),
+			"name":            cty.StringVal("new name"),
+			"description":     cty.StringVal("new description"),
+		})
+		state := terraform.NewInstanceStateShimmedFromValue(stateValue, 0)
+		state.ID = serviceAccountID
+		data := resource.Data(state)
+
+		result := resource.UpdateContext(ctx, data, provider)
+
+		r.NotNil(result)
+		r.True(result.HasError())
+		r.Len(result, 1)
+		r.Equal("updating service account: expected status code 200, received: status=500 body=mock error response", result[0].Summary)
+	})
+
+	t.Run("when ServiceAccountsAPI responds with 200 then return nil", func(t *testing.T) {
+		r := require.New(t)
+		mockClient := mock_sdk.NewMockClientInterface(gomock.NewController(t))
+		ctx := context.Background()
+		provider := &ProviderConfig{
+			api: &sdk.ClientWithResponses{
+				ClientInterface: mockClient,
+			},
+		}
+
+		userID := "4e4cd9eb-82eb-407e-a926-e5fef81cab49"
+		organizationID := "4e4cd9eb-82eb-407e-a926-e5fef81cab50"
+		serviceAccountID := "4e4cd9eb-82eb-407e-a926-e5fef81cab51"
+		name := "name"
+		description := "description"
+
+		body := io.NopCloser(bytes.NewReader([]byte(`{
+  "serviceAccount": {
+    "name": "new",
+    "description": "new description"
+  }}`)))
+		readBody := io.NopCloser(bytes.NewReader([]byte(fmt.Sprintf(`{
+  "serviceAccount": {
+    "id": %q,
+    "name": "new",
+    "email": "service-account-email",
+    "description": "new description",
+    "createdAt": "2024-12-01T15:19:40.384Z",
+    "author": {
+      "id": %q,
+      "kind": "user",
+      "email": "user-email"
+    },
+    "keys": []
+  }}`, serviceAccountID,userID))))
+
+		mockClient.EXPECT().
+			ServiceAccountsAPIUpdateServiceAccount(gomock.Any(), organizationID, serviceAccountID, gomock.Any()).
+			Return(&http.Response{
+				StatusCode: http.StatusOK,
+				Body:       body,
+			}, nil)
+		mockClient.EXPECT().
+			ServiceAccountsAPIGetServiceAccount(gomock.Any(), organizationID, serviceAccountID).
+			Return(&http.Response{
+				StatusCode: http.StatusOK,
+				Body:       readBody,
+				Header: map[string][]string{"Content-Type": {"json"}},
+			}, nil)
+
+		resource := resourceServiceAccount()
+		stateValue := cty.ObjectVal(map[string]cty.Value{
+			"organization_id": cty.StringVal(organizationID),
+			"name":            cty.StringVal(name),
+			"description":     cty.StringVal(description),
+		})
+		state := terraform.NewInstanceStateShimmedFromValue(stateValue, 0)
+		state.ID = serviceAccountID
+		data := resource.Data(state)
+
+		result := resource.UpdateContext(ctx, data, provider)
+
+		r.Nil(result)
+		r.Equal("new", data.Get("name"))
+		r.Equal("new description", data.Get("description"))
+	})
+}
diff --git a/castai/sdk/api.gen.go b/castai/sdk/api.gen.go
index 07076e1f..d2c0d3c1 100644
--- a/castai/sdk/api.gen.go
+++ b/castai/sdk/api.gen.go
@@ -410,6 +410,17 @@ type RoleBindingIsTheRoleBindingToBeUpdated struct {
 	Name string `json:"name"`
 }
 
+// CreateServiceAccountKeyRequest is the request for creating a service account key.
+type ServiceAccountsAPICreateServiceAccountKeyRequest struct {
+	// Key is the readable version of the service account key.
+	Key CastaiServiceaccountsV1beta1CreateServiceAccountKeyRequestKey `json:"key"`
+}
+
+// UpdateServiceAccountRequest is the request for updating a service account.
+type ServiceAccountsAPIUpdateServiceAccountRequest struct {
+	ServiceAccount CastaiServiceaccountsV1beta1UpdateServiceAccountRequestServiceAccount `json:"serviceAccount"`
+}
+
 // UsersAPIUpdateOrganizationUserRequest defines model for UsersAPI_UpdateOrganizationUser_request.
 type UsersAPIUpdateOrganizationUserRequest struct {
 	Role *string `json:"role,omitempty"`
@@ -1342,6 +1353,14 @@ type CastaiOperationsV1beta1OperationError struct {
 	Reason *string `json:"reason,omitempty"`
 }
 
+// Page defines how many and which fields should be returned.
+type CastaiPaginationV1beta1Page struct {
+	// Cursor that defines token indicating where to start the next page.
+	// Empty value indicates to start from beginning of the dataset.
+	Cursor *string `json:"cursor,omitempty"`
+	Limit  *string `json:"limit,omitempty"`
+}
+
 // CastaiRbacV1beta1Author defines model for castai.rbac.v1beta1.Author.
 type CastaiRbacV1beta1Author struct {
 	// Email is the email of the author.
@@ -1587,6 +1606,176 @@ type CastaiRbacV1beta1UserSubject struct {
 	Name *string `json:"name,omitempty"`
 }
 
+// Key is the readable version of the service account key.
+type CastaiServiceaccountsV1beta1CreateServiceAccountKeyRequestKey struct {
+	// ExpiresAt is the expiration time of the key.
+	// A null value means that the key will never expire.
+	ExpiresAt *time.Time `json:"expiresAt,omitempty"`
+
+	// Name is the name of the service account key.
+	Name string `json:"name"`
+}
+
+// CreateServiceAccountKeyResponse is the response for creating a service account key.
+type CastaiServiceaccountsV1beta1CreateServiceAccountKeyResponse struct {
+	// Active determines if the key is active.
+	Active *bool `json:"active,omitempty"`
+
+	// CreatedAt is the creation time of the key.
+	CreatedAt *time.Time `json:"createdAt,omitempty"`
+
+	// ExpiresAt is the expiration time of the key.
+	ExpiresAt *time.Time `json:"expiresAt,omitempty"`
+
+	// ID is the unique identifier of the key.
+	Id *string `json:"id,omitempty"`
+
+	// Name is the name of the key.
+	Name *string `json:"name,omitempty"`
+
+	// Token is the full secret key.
+	Token *string `json:"token,omitempty"`
+}
+
+// ServiceAccounts is the readable version of the service accounts.
+type CastaiServiceaccountsV1beta1CreateServiceAccountRequestServiceAccount struct {
+	// Description is the description of the role binding.
+	Description *string `json:"description,omitempty"`
+
+	// Name is the name of the service account.
+	Name string `json:"name"`
+}
+
+// CreateServiceAccountResponse is the response for creating a service account.
+type CastaiServiceaccountsV1beta1CreateServiceAccountResponse struct {
+	Author      *CastaiServiceaccountsV1beta1CreateServiceAccountResponseAuthor `json:"author,omitempty"`
+	CreatedAt   *time.Time                                                      `json:"createdAt,omitempty"`
+	Description *string                                                         `json:"description,omitempty"`
+	Email       *string                                                         `json:"email,omitempty"`
+	Id          *string                                                         `json:"id,omitempty"`
+	Name        *string                                                         `json:"name,omitempty"`
+}
+
+// CastaiServiceaccountsV1beta1CreateServiceAccountResponseAuthor defines model for castai.serviceaccounts.v1beta1.CreateServiceAccountResponse.Author.
+type CastaiServiceaccountsV1beta1CreateServiceAccountResponseAuthor struct {
+	Email *string `json:"email,omitempty"`
+	Id    *string `json:"id,omitempty"`
+}
+
+// DeleteServiceAccountKeyResponse is the response for deleting a service account key.
+type CastaiServiceaccountsV1beta1DeleteServiceAccountKeyResponse = map[string]interface{}
+
+// DeleteServiceAccountResponse is the response for deleting a service account.
+type CastaiServiceaccountsV1beta1DeleteServiceAccountResponse = map[string]interface{}
+
+// GetServiceAccountResponse is the response for getting a service account.
+type CastaiServiceaccountsV1beta1GetServiceAccountResponse struct {
+	// ServiceAccounts is the readable version of the service accounts.
+	ServiceAccount CastaiServiceaccountsV1beta1ServiceAccount `json:"serviceAccount"`
+}
+
+// ListServiceAccountsResponse is the response for listing service accounts.
+type CastaiServiceaccountsV1beta1ListServiceAccountsResponse struct {
+	// Page defines how many and which fields should be returned.
+	NextPage CastaiPaginationV1beta1Page `json:"nextPage"`
+
+	// ServiceAccounts is the list of service accounts.
+	ServiceAccounts *[]CastaiServiceaccountsV1beta1ServiceAccount `json:"serviceAccounts,omitempty"`
+
+	// TotalCount is the total number of service accounts in the dataset.
+	TotalCount *string `json:"totalCount,omitempty"`
+}
+
+// ServiceAccounts is the readable version of the service accounts.
+type CastaiServiceaccountsV1beta1ServiceAccount struct {
+	// Author is the author of the service account.
+	Author *CastaiServiceaccountsV1beta1ServiceAccountAuthor `json:"author,omitempty"`
+
+	// CreatedAt is the timestamp when the service account was created.
+	CreatedAt *time.Time `json:"createdAt,omitempty"`
+
+	// Description is the description of the role binding.
+	Description *string `json:"description,omitempty"`
+
+	// Email is the email of the service account.
+	Email *string `json:"email,omitempty"`
+
+	// ID is the unique identifier of the service account.
+	Id *string `json:"id,omitempty"`
+
+	// Keys is the list of keys associated with the service account.
+	Keys *[]CastaiServiceaccountsV1beta1ServiceAccountKey `json:"keys,omitempty"`
+
+	// Name is the name of the service account.
+	Name *string `json:"name,omitempty"`
+}
+
+// Author is the author of the service account.
+type CastaiServiceaccountsV1beta1ServiceAccountAuthor struct {
+	// Email is the email of the author.
+	Email *string `json:"email,omitempty"`
+
+	// ID is the unique identifier of the author.
+	Id *string `json:"id,omitempty"`
+
+	// Kind is the kind of the author.
+	Kind *string `json:"kind,omitempty"`
+}
+
+// Key is the key for the service account.
+type CastaiServiceaccountsV1beta1ServiceAccountKey struct {
+	// Active determines if the key is active.
+	Active *bool `json:"active,omitempty"`
+
+	// ExpiresAt is the expiration time of the key.
+	ExpiresAt *time.Time `json:"expiresAt,omitempty"`
+
+	// ID is the unique identifier of the key.
+	Id *string `json:"id,omitempty"`
+
+	// LastUsedAt is the last time the key was used.
+	LastUsedAt *time.Time `json:"lastUsedAt,omitempty"`
+
+	// Name is the name of the key.
+	Name *string `json:"name,omitempty"`
+
+	// Prefix is the prefix of the key.
+	Prefix *string `json:"prefix,omitempty"`
+}
+
+// UpdateServiceAccountKeyResponse is the response for updating a service account key.
+type CastaiServiceaccountsV1beta1UpdateServiceAccountKeyResponse struct {
+	// Active determines if the key is active.
+	Active *bool `json:"active,omitempty"`
+
+	// ExpiresAt is the expiration time of the key.
+	ExpiresAt *time.Time `json:"expiresAt,omitempty"`
+
+	// ID is the unique identifier of the key.
+	Id *string `json:"id,omitempty"`
+
+	// LastUsedAt is the last time the key was used.
+	LastUsedAt *time.Time `json:"lastUsedAt,omitempty"`
+
+	// Name is the name of the key.
+	Name *string `json:"name,omitempty"`
+
+	// Prefix is the prefix of the key.
+	Prefix *string `json:"prefix,omitempty"`
+}
+
+// CastaiServiceaccountsV1beta1UpdateServiceAccountRequestServiceAccount defines model for castai.serviceaccounts.v1beta1.UpdateServiceAccountRequest.ServiceAccount.
+type CastaiServiceaccountsV1beta1UpdateServiceAccountRequestServiceAccount struct {
+	Description *string `json:"description,omitempty"`
+	Name        string  `json:"name"`
+}
+
+// UpdateServiceAccountResponse is the response for updating a service account.
+type CastaiServiceaccountsV1beta1UpdateServiceAccountResponse struct {
+	// ServiceAccounts is the readable version of the service accounts.
+	ServiceAccount CastaiServiceaccountsV1beta1ServiceAccount `json:"serviceAccount"`
+}
+
 // AzureAAD represents a Azure AAD connector.
 type CastaiSsoV1beta1AzureAAD struct {
 	// ADDomain is the domain of the Azure AD.
@@ -4662,6 +4851,29 @@ type RbacServiceAPICreateRoleBindingsJSONBody = []CastaiRbacV1beta1CreateRoleBin
 // RbacServiceAPIUpdateRoleBindingJSONBody defines parameters for RbacServiceAPIUpdateRoleBinding.
 type RbacServiceAPIUpdateRoleBindingJSONBody = RoleBindingIsTheRoleBindingToBeUpdated
 
+// ServiceAccountsAPIListServiceAccountsParams defines parameters for ServiceAccountsAPIListServiceAccounts.
+type ServiceAccountsAPIListServiceAccountsParams struct {
+	PageLimit *string `form:"page.limit,omitempty" json:"page.limit,omitempty"`
+
+	// Cursor that defines token indicating where to start the next page.
+	// Empty value indicates to start from beginning of the dataset.
+	PageCursor *string `form:"page.cursor,omitempty" json:"page.cursor,omitempty"`
+}
+
+// ServiceAccountsAPICreateServiceAccountJSONBody defines parameters for ServiceAccountsAPICreateServiceAccount.
+type ServiceAccountsAPICreateServiceAccountJSONBody = CastaiServiceaccountsV1beta1CreateServiceAccountRequestServiceAccount
+
+// ServiceAccountsAPIUpdateServiceAccountJSONBody defines parameters for ServiceAccountsAPIUpdateServiceAccount.
+type ServiceAccountsAPIUpdateServiceAccountJSONBody = ServiceAccountsAPIUpdateServiceAccountRequest
+
+// ServiceAccountsAPICreateServiceAccountKeyJSONBody defines parameters for ServiceAccountsAPICreateServiceAccountKey.
+type ServiceAccountsAPICreateServiceAccountKeyJSONBody = ServiceAccountsAPICreateServiceAccountKeyRequest
+
+// ServiceAccountsAPIUpdateServiceAccountKeyParams defines parameters for ServiceAccountsAPIUpdateServiceAccountKey.
+type ServiceAccountsAPIUpdateServiceAccountKeyParams struct {
+	KeyActive bool `form:"key.active" json:"key.active"`
+}
+
 // UsersAPIRemoveOrganizationUsersParams defines parameters for UsersAPIRemoveOrganizationUsers.
 type UsersAPIRemoveOrganizationUsersParams struct {
 	// Users is the list of user ids to remove.
@@ -4924,6 +5136,15 @@ type RbacServiceAPICreateRoleBindingsJSONRequestBody = RbacServiceAPICreateRoleB
 // RbacServiceAPIUpdateRoleBindingJSONRequestBody defines body for RbacServiceAPIUpdateRoleBinding for application/json ContentType.
 type RbacServiceAPIUpdateRoleBindingJSONRequestBody = RbacServiceAPIUpdateRoleBindingJSONBody
 
+// ServiceAccountsAPICreateServiceAccountJSONRequestBody defines body for ServiceAccountsAPICreateServiceAccount for application/json ContentType.
+type ServiceAccountsAPICreateServiceAccountJSONRequestBody = ServiceAccountsAPICreateServiceAccountJSONBody
+
+// ServiceAccountsAPIUpdateServiceAccountJSONRequestBody defines body for ServiceAccountsAPIUpdateServiceAccount for application/json ContentType.
+type ServiceAccountsAPIUpdateServiceAccountJSONRequestBody = ServiceAccountsAPIUpdateServiceAccountJSONBody
+
+// ServiceAccountsAPICreateServiceAccountKeyJSONRequestBody defines body for ServiceAccountsAPICreateServiceAccountKey for application/json ContentType.
+type ServiceAccountsAPICreateServiceAccountKeyJSONRequestBody = ServiceAccountsAPICreateServiceAccountKeyJSONBody
+
 // UsersAPIAddUserToOrganizationJSONRequestBody defines body for UsersAPIAddUserToOrganization for application/json ContentType.
 type UsersAPIAddUserToOrganizationJSONRequestBody = UsersAPIAddUserToOrganizationJSONBody
 
diff --git a/castai/sdk/client.gen.go b/castai/sdk/client.gen.go
index d0b70865..bccd2fdd 100644
--- a/castai/sdk/client.gen.go
+++ b/castai/sdk/client.gen.go
@@ -422,6 +422,36 @@ type ClientInterface interface {
 
 	RbacServiceAPIUpdateRoleBinding(ctx context.Context, organizationId string, roleBindingId string, body RbacServiceAPIUpdateRoleBindingJSONRequestBody, reqEditors ...RequestEditorFn) (*http.Response, error)
 
+	// ServiceAccountsAPIListServiceAccounts request
+	ServiceAccountsAPIListServiceAccounts(ctx context.Context, organizationId string, params *ServiceAccountsAPIListServiceAccountsParams, reqEditors ...RequestEditorFn) (*http.Response, error)
+
+	// ServiceAccountsAPICreateServiceAccount request with any body
+	ServiceAccountsAPICreateServiceAccountWithBody(ctx context.Context, organizationId string, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*http.Response, error)
+
+	ServiceAccountsAPICreateServiceAccount(ctx context.Context, organizationId string, body ServiceAccountsAPICreateServiceAccountJSONRequestBody, reqEditors ...RequestEditorFn) (*http.Response, error)
+
+	// ServiceAccountsAPIDeleteServiceAccount request
+	ServiceAccountsAPIDeleteServiceAccount(ctx context.Context, organizationId string, serviceAccountId string, reqEditors ...RequestEditorFn) (*http.Response, error)
+
+	// ServiceAccountsAPIGetServiceAccount request
+	ServiceAccountsAPIGetServiceAccount(ctx context.Context, organizationId string, serviceAccountId string, reqEditors ...RequestEditorFn) (*http.Response, error)
+
+	// ServiceAccountsAPIUpdateServiceAccount request with any body
+	ServiceAccountsAPIUpdateServiceAccountWithBody(ctx context.Context, organizationId string, serviceAccountId string, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*http.Response, error)
+
+	ServiceAccountsAPIUpdateServiceAccount(ctx context.Context, organizationId string, serviceAccountId string, body ServiceAccountsAPIUpdateServiceAccountJSONRequestBody, reqEditors ...RequestEditorFn) (*http.Response, error)
+
+	// ServiceAccountsAPICreateServiceAccountKey request with any body
+	ServiceAccountsAPICreateServiceAccountKeyWithBody(ctx context.Context, organizationId string, serviceAccountId string, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*http.Response, error)
+
+	ServiceAccountsAPICreateServiceAccountKey(ctx context.Context, organizationId string, serviceAccountId string, body ServiceAccountsAPICreateServiceAccountKeyJSONRequestBody, reqEditors ...RequestEditorFn) (*http.Response, error)
+
+	// ServiceAccountsAPIUpdateServiceAccountKey request
+	ServiceAccountsAPIUpdateServiceAccountKey(ctx context.Context, organizationId string, serviceAccountId string, keyId string, params *ServiceAccountsAPIUpdateServiceAccountKeyParams, reqEditors ...RequestEditorFn) (*http.Response, error)
+
+	// ServiceAccountsAPIDeleteServiceAccountKey request
+	ServiceAccountsAPIDeleteServiceAccountKey(ctx context.Context, organizationId string, serviceAccountId string, keyId string, reqEditors ...RequestEditorFn) (*http.Response, error)
+
 	// UsersAPIRemoveOrganizationUsers request
 	UsersAPIRemoveOrganizationUsers(ctx context.Context, organizationId string, params *UsersAPIRemoveOrganizationUsersParams, reqEditors ...RequestEditorFn) (*http.Response, error)
 
@@ -2059,6 +2089,138 @@ func (c *Client) RbacServiceAPIUpdateRoleBinding(ctx context.Context, organizati
 	return c.Client.Do(req)
 }
 
+func (c *Client) ServiceAccountsAPIListServiceAccounts(ctx context.Context, organizationId string, params *ServiceAccountsAPIListServiceAccountsParams, reqEditors ...RequestEditorFn) (*http.Response, error) {
+	req, err := NewServiceAccountsAPIListServiceAccountsRequest(c.Server, organizationId, params)
+	if err != nil {
+		return nil, err
+	}
+	req = req.WithContext(ctx)
+	if err := c.applyEditors(ctx, req, reqEditors); err != nil {
+		return nil, err
+	}
+	return c.Client.Do(req)
+}
+
+func (c *Client) ServiceAccountsAPICreateServiceAccountWithBody(ctx context.Context, organizationId string, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*http.Response, error) {
+	req, err := NewServiceAccountsAPICreateServiceAccountRequestWithBody(c.Server, organizationId, contentType, body)
+	if err != nil {
+		return nil, err
+	}
+	req = req.WithContext(ctx)
+	if err := c.applyEditors(ctx, req, reqEditors); err != nil {
+		return nil, err
+	}
+	return c.Client.Do(req)
+}
+
+func (c *Client) ServiceAccountsAPICreateServiceAccount(ctx context.Context, organizationId string, body ServiceAccountsAPICreateServiceAccountJSONRequestBody, reqEditors ...RequestEditorFn) (*http.Response, error) {
+	req, err := NewServiceAccountsAPICreateServiceAccountRequest(c.Server, organizationId, body)
+	if err != nil {
+		return nil, err
+	}
+	req = req.WithContext(ctx)
+	if err := c.applyEditors(ctx, req, reqEditors); err != nil {
+		return nil, err
+	}
+	return c.Client.Do(req)
+}
+
+func (c *Client) ServiceAccountsAPIDeleteServiceAccount(ctx context.Context, organizationId string, serviceAccountId string, reqEditors ...RequestEditorFn) (*http.Response, error) {
+	req, err := NewServiceAccountsAPIDeleteServiceAccountRequest(c.Server, organizationId, serviceAccountId)
+	if err != nil {
+		return nil, err
+	}
+	req = req.WithContext(ctx)
+	if err := c.applyEditors(ctx, req, reqEditors); err != nil {
+		return nil, err
+	}
+	return c.Client.Do(req)
+}
+
+func (c *Client) ServiceAccountsAPIGetServiceAccount(ctx context.Context, organizationId string, serviceAccountId string, reqEditors ...RequestEditorFn) (*http.Response, error) {
+	req, err := NewServiceAccountsAPIGetServiceAccountRequest(c.Server, organizationId, serviceAccountId)
+	if err != nil {
+		return nil, err
+	}
+	req = req.WithContext(ctx)
+	if err := c.applyEditors(ctx, req, reqEditors); err != nil {
+		return nil, err
+	}
+	return c.Client.Do(req)
+}
+
+func (c *Client) ServiceAccountsAPIUpdateServiceAccountWithBody(ctx context.Context, organizationId string, serviceAccountId string, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*http.Response, error) {
+	req, err := NewServiceAccountsAPIUpdateServiceAccountRequestWithBody(c.Server, organizationId, serviceAccountId, contentType, body)
+	if err != nil {
+		return nil, err
+	}
+	req = req.WithContext(ctx)
+	if err := c.applyEditors(ctx, req, reqEditors); err != nil {
+		return nil, err
+	}
+	return c.Client.Do(req)
+}
+
+func (c *Client) ServiceAccountsAPIUpdateServiceAccount(ctx context.Context, organizationId string, serviceAccountId string, body ServiceAccountsAPIUpdateServiceAccountJSONRequestBody, reqEditors ...RequestEditorFn) (*http.Response, error) {
+	req, err := NewServiceAccountsAPIUpdateServiceAccountRequest(c.Server, organizationId, serviceAccountId, body)
+	if err != nil {
+		return nil, err
+	}
+	req = req.WithContext(ctx)
+	if err := c.applyEditors(ctx, req, reqEditors); err != nil {
+		return nil, err
+	}
+	return c.Client.Do(req)
+}
+
+func (c *Client) ServiceAccountsAPICreateServiceAccountKeyWithBody(ctx context.Context, organizationId string, serviceAccountId string, contentType string, body io.Reader, reqEditors ...RequestEditorFn) (*http.Response, error) {
+	req, err := NewServiceAccountsAPICreateServiceAccountKeyRequestWithBody(c.Server, organizationId, serviceAccountId, contentType, body)
+	if err != nil {
+		return nil, err
+	}
+	req = req.WithContext(ctx)
+	if err := c.applyEditors(ctx, req, reqEditors); err != nil {
+		return nil, err
+	}
+	return c.Client.Do(req)
+}
+
+func (c *Client) ServiceAccountsAPICreateServiceAccountKey(ctx context.Context, organizationId string, serviceAccountId string, body ServiceAccountsAPICreateServiceAccountKeyJSONRequestBody, reqEditors ...RequestEditorFn) (*http.Response, error) {
+	req, err := NewServiceAccountsAPICreateServiceAccountKeyRequest(c.Server, organizationId, serviceAccountId, body)
+	if err != nil {
+		return nil, err
+	}
+	req = req.WithContext(ctx)
+	if err := c.applyEditors(ctx, req, reqEditors); err != nil {
+		return nil, err
+	}
+	return c.Client.Do(req)
+}
+
+func (c *Client) ServiceAccountsAPIUpdateServiceAccountKey(ctx context.Context, organizationId string, serviceAccountId string, keyId string, params *ServiceAccountsAPIUpdateServiceAccountKeyParams, reqEditors ...RequestEditorFn) (*http.Response, error) {
+	req, err := NewServiceAccountsAPIUpdateServiceAccountKeyRequest(c.Server, organizationId, serviceAccountId, keyId, params)
+	if err != nil {
+		return nil, err
+	}
+	req = req.WithContext(ctx)
+	if err := c.applyEditors(ctx, req, reqEditors); err != nil {
+		return nil, err
+	}
+	return c.Client.Do(req)
+}
+
+func (c *Client) ServiceAccountsAPIDeleteServiceAccountKey(ctx context.Context, organizationId string, serviceAccountId string, keyId string, reqEditors ...RequestEditorFn) (*http.Response, error) {
+	req, err := NewServiceAccountsAPIDeleteServiceAccountKeyRequest(c.Server, organizationId, serviceAccountId, keyId)
+	if err != nil {
+		return nil, err
+	}
+	req = req.WithContext(ctx)
+	if err := c.applyEditors(ctx, req, reqEditors); err != nil {
+		return nil, err
+	}
+	return c.Client.Do(req)
+}
+
 func (c *Client) UsersAPIRemoveOrganizationUsers(ctx context.Context, organizationId string, params *UsersAPIRemoveOrganizationUsersParams, reqEditors ...RequestEditorFn) (*http.Response, error) {
 	req, err := NewUsersAPIRemoveOrganizationUsersRequest(c.Server, organizationId, params)
 	if err != nil {
@@ -6899,8 +7061,8 @@ func NewRbacServiceAPIUpdateRoleBindingRequestWithBody(server string, organizati
 	return req, nil
 }
 
-// NewUsersAPIRemoveOrganizationUsersRequest generates requests for UsersAPIRemoveOrganizationUsers
-func NewUsersAPIRemoveOrganizationUsersRequest(server string, organizationId string, params *UsersAPIRemoveOrganizationUsersParams) (*http.Request, error) {
+// NewServiceAccountsAPIListServiceAccountsRequest generates requests for ServiceAccountsAPIListServiceAccounts
+func NewServiceAccountsAPIListServiceAccountsRequest(server string, organizationId string, params *ServiceAccountsAPIListServiceAccountsParams) (*http.Request, error) {
 	var err error
 
 	var pathParam0 string
@@ -6915,7 +7077,7 @@ func NewUsersAPIRemoveOrganizationUsersRequest(server string, organizationId str
 		return nil, err
 	}
 
-	operationPath := fmt.Sprintf("/v1/organizations/%s/users", pathParam0)
+	operationPath := fmt.Sprintf("/v1/organizations/%s/service-accounts", pathParam0)
 	if operationPath[0] == '/' {
 		operationPath = "." + operationPath
 	}
@@ -6927,59 +7089,25 @@ func NewUsersAPIRemoveOrganizationUsersRequest(server string, organizationId str
 
 	queryValues := queryURL.Query()
 
-	if queryFrag, err := runtime.StyleParamWithLocation("form", true, "users", runtime.ParamLocationQuery, params.Users); err != nil {
-		return nil, err
-	} else if parsed, err := url.ParseQuery(queryFrag); err != nil {
-		return nil, err
-	} else {
-		for k, v := range parsed {
-			for _, v2 := range v {
-				queryValues.Add(k, v2)
+	if params.PageLimit != nil {
+
+		if queryFrag, err := runtime.StyleParamWithLocation("form", true, "page.limit", runtime.ParamLocationQuery, *params.PageLimit); err != nil {
+			return nil, err
+		} else if parsed, err := url.ParseQuery(queryFrag); err != nil {
+			return nil, err
+		} else {
+			for k, v := range parsed {
+				for _, v2 := range v {
+					queryValues.Add(k, v2)
+				}
 			}
 		}
-	}
-
-	queryURL.RawQuery = queryValues.Encode()
-
-	req, err := http.NewRequest("DELETE", queryURL.String(), nil)
-	if err != nil {
-		return nil, err
-	}
-
-	return req, nil
-}
-
-// NewUsersAPIListOrganizationUsersRequest generates requests for UsersAPIListOrganizationUsers
-func NewUsersAPIListOrganizationUsersRequest(server string, organizationId string, params *UsersAPIListOrganizationUsersParams) (*http.Request, error) {
-	var err error
-
-	var pathParam0 string
 
-	pathParam0, err = runtime.StyleParamWithLocation("simple", false, "organizationId", runtime.ParamLocationPath, organizationId)
-	if err != nil {
-		return nil, err
-	}
-
-	serverURL, err := url.Parse(server)
-	if err != nil {
-		return nil, err
-	}
-
-	operationPath := fmt.Sprintf("/v1/organizations/%s/users", pathParam0)
-	if operationPath[0] == '/' {
-		operationPath = "." + operationPath
-	}
-
-	queryURL, err := serverURL.Parse(operationPath)
-	if err != nil {
-		return nil, err
 	}
 
-	queryValues := queryURL.Query()
-
-	if params.IncludeGroups != nil {
+	if params.PageCursor != nil {
 
-		if queryFrag, err := runtime.StyleParamWithLocation("form", true, "includeGroups", runtime.ParamLocationQuery, *params.IncludeGroups); err != nil {
+		if queryFrag, err := runtime.StyleParamWithLocation("form", true, "page.cursor", runtime.ParamLocationQuery, *params.PageCursor); err != nil {
 			return nil, err
 		} else if parsed, err := url.ParseQuery(queryFrag); err != nil {
 			return nil, err
@@ -7003,19 +7131,19 @@ func NewUsersAPIListOrganizationUsersRequest(server string, organizationId strin
 	return req, nil
 }
 
-// NewUsersAPIAddUserToOrganizationRequest calls the generic UsersAPIAddUserToOrganization builder with application/json body
-func NewUsersAPIAddUserToOrganizationRequest(server string, organizationId string, body UsersAPIAddUserToOrganizationJSONRequestBody) (*http.Request, error) {
+// NewServiceAccountsAPICreateServiceAccountRequest calls the generic ServiceAccountsAPICreateServiceAccount builder with application/json body
+func NewServiceAccountsAPICreateServiceAccountRequest(server string, organizationId string, body ServiceAccountsAPICreateServiceAccountJSONRequestBody) (*http.Request, error) {
 	var bodyReader io.Reader
 	buf, err := json.Marshal(body)
 	if err != nil {
 		return nil, err
 	}
 	bodyReader = bytes.NewReader(buf)
-	return NewUsersAPIAddUserToOrganizationRequestWithBody(server, organizationId, "application/json", bodyReader)
+	return NewServiceAccountsAPICreateServiceAccountRequestWithBody(server, organizationId, "application/json", bodyReader)
 }
 
-// NewUsersAPIAddUserToOrganizationRequestWithBody generates requests for UsersAPIAddUserToOrganization with any type of body
-func NewUsersAPIAddUserToOrganizationRequestWithBody(server string, organizationId string, contentType string, body io.Reader) (*http.Request, error) {
+// NewServiceAccountsAPICreateServiceAccountRequestWithBody generates requests for ServiceAccountsAPICreateServiceAccount with any type of body
+func NewServiceAccountsAPICreateServiceAccountRequestWithBody(server string, organizationId string, contentType string, body io.Reader) (*http.Request, error) {
 	var err error
 
 	var pathParam0 string
@@ -7030,7 +7158,7 @@ func NewUsersAPIAddUserToOrganizationRequestWithBody(server string, organization
 		return nil, err
 	}
 
-	operationPath := fmt.Sprintf("/v1/organizations/%s/users", pathParam0)
+	operationPath := fmt.Sprintf("/v1/organizations/%s/service-accounts", pathParam0)
 	if operationPath[0] == '/' {
 		operationPath = "." + operationPath
 	}
@@ -7050,8 +7178,8 @@ func NewUsersAPIAddUserToOrganizationRequestWithBody(server string, organization
 	return req, nil
 }
 
-// NewUsersAPIRemoveUserFromOrganizationRequest generates requests for UsersAPIRemoveUserFromOrganization
-func NewUsersAPIRemoveUserFromOrganizationRequest(server string, organizationId string, userId string) (*http.Request, error) {
+// NewServiceAccountsAPIDeleteServiceAccountRequest generates requests for ServiceAccountsAPIDeleteServiceAccount
+func NewServiceAccountsAPIDeleteServiceAccountRequest(server string, organizationId string, serviceAccountId string) (*http.Request, error) {
 	var err error
 
 	var pathParam0 string
@@ -7063,7 +7191,7 @@ func NewUsersAPIRemoveUserFromOrganizationRequest(server string, organizationId
 
 	var pathParam1 string
 
-	pathParam1, err = runtime.StyleParamWithLocation("simple", false, "userId", runtime.ParamLocationPath, userId)
+	pathParam1, err = runtime.StyleParamWithLocation("simple", false, "serviceAccountId", runtime.ParamLocationPath, serviceAccountId)
 	if err != nil {
 		return nil, err
 	}
@@ -7073,7 +7201,7 @@ func NewUsersAPIRemoveUserFromOrganizationRequest(server string, organizationId
 		return nil, err
 	}
 
-	operationPath := fmt.Sprintf("/v1/organizations/%s/users/%s", pathParam0, pathParam1)
+	operationPath := fmt.Sprintf("/v1/organizations/%s/service-accounts/%s", pathParam0, pathParam1)
 	if operationPath[0] == '/' {
 		operationPath = "." + operationPath
 	}
@@ -7091,19 +7219,8 @@ func NewUsersAPIRemoveUserFromOrganizationRequest(server string, organizationId
 	return req, nil
 }
 
-// NewUsersAPIUpdateOrganizationUserRequest calls the generic UsersAPIUpdateOrganizationUser builder with application/json body
-func NewUsersAPIUpdateOrganizationUserRequest(server string, organizationId string, userId string, body UsersAPIUpdateOrganizationUserJSONRequestBody) (*http.Request, error) {
-	var bodyReader io.Reader
-	buf, err := json.Marshal(body)
-	if err != nil {
-		return nil, err
-	}
-	bodyReader = bytes.NewReader(buf)
-	return NewUsersAPIUpdateOrganizationUserRequestWithBody(server, organizationId, userId, "application/json", bodyReader)
-}
-
-// NewUsersAPIUpdateOrganizationUserRequestWithBody generates requests for UsersAPIUpdateOrganizationUser with any type of body
-func NewUsersAPIUpdateOrganizationUserRequestWithBody(server string, organizationId string, userId string, contentType string, body io.Reader) (*http.Request, error) {
+// NewServiceAccountsAPIGetServiceAccountRequest generates requests for ServiceAccountsAPIGetServiceAccount
+func NewServiceAccountsAPIGetServiceAccountRequest(server string, organizationId string, serviceAccountId string) (*http.Request, error) {
 	var err error
 
 	var pathParam0 string
@@ -7115,7 +7232,7 @@ func NewUsersAPIUpdateOrganizationUserRequestWithBody(server string, organizatio
 
 	var pathParam1 string
 
-	pathParam1, err = runtime.StyleParamWithLocation("simple", false, "userId", runtime.ParamLocationPath, userId)
+	pathParam1, err = runtime.StyleParamWithLocation("simple", false, "serviceAccountId", runtime.ParamLocationPath, serviceAccountId)
 	if err != nil {
 		return nil, err
 	}
@@ -7125,7 +7242,7 @@ func NewUsersAPIUpdateOrganizationUserRequestWithBody(server string, organizatio
 		return nil, err
 	}
 
-	operationPath := fmt.Sprintf("/v1/organizations/%s/users/%s", pathParam0, pathParam1)
+	operationPath := fmt.Sprintf("/v1/organizations/%s/service-accounts/%s", pathParam0, pathParam1)
 	if operationPath[0] == '/' {
 		operationPath = "." + operationPath
 	}
@@ -7135,18 +7252,27 @@ func NewUsersAPIUpdateOrganizationUserRequestWithBody(server string, organizatio
 		return nil, err
 	}
 
-	req, err := http.NewRequest("PUT", queryURL.String(), body)
+	req, err := http.NewRequest("GET", queryURL.String(), nil)
 	if err != nil {
 		return nil, err
 	}
 
-	req.Header.Add("Content-Type", contentType)
-
 	return req, nil
 }
 
-// NewUsersAPIListUserGroupsRequest generates requests for UsersAPIListUserGroups
-func NewUsersAPIListUserGroupsRequest(server string, organizationId string, userId string) (*http.Request, error) {
+// NewServiceAccountsAPIUpdateServiceAccountRequest calls the generic ServiceAccountsAPIUpdateServiceAccount builder with application/json body
+func NewServiceAccountsAPIUpdateServiceAccountRequest(server string, organizationId string, serviceAccountId string, body ServiceAccountsAPIUpdateServiceAccountJSONRequestBody) (*http.Request, error) {
+	var bodyReader io.Reader
+	buf, err := json.Marshal(body)
+	if err != nil {
+		return nil, err
+	}
+	bodyReader = bytes.NewReader(buf)
+	return NewServiceAccountsAPIUpdateServiceAccountRequestWithBody(server, organizationId, serviceAccountId, "application/json", bodyReader)
+}
+
+// NewServiceAccountsAPIUpdateServiceAccountRequestWithBody generates requests for ServiceAccountsAPIUpdateServiceAccount with any type of body
+func NewServiceAccountsAPIUpdateServiceAccountRequestWithBody(server string, organizationId string, serviceAccountId string, contentType string, body io.Reader) (*http.Request, error) {
 	var err error
 
 	var pathParam0 string
@@ -7158,7 +7284,7 @@ func NewUsersAPIListUserGroupsRequest(server string, organizationId string, user
 
 	var pathParam1 string
 
-	pathParam1, err = runtime.StyleParamWithLocation("simple", false, "userId", runtime.ParamLocationPath, userId)
+	pathParam1, err = runtime.StyleParamWithLocation("simple", false, "serviceAccountId", runtime.ParamLocationPath, serviceAccountId)
 	if err != nil {
 		return nil, err
 	}
@@ -7168,7 +7294,7 @@ func NewUsersAPIListUserGroupsRequest(server string, organizationId string, user
 		return nil, err
 	}
 
-	operationPath := fmt.Sprintf("/v1/organizations/%s/users/%s/groups", pathParam0, pathParam1)
+	operationPath := fmt.Sprintf("/v1/organizations/%s/service-accounts/%s", pathParam0, pathParam1)
 	if operationPath[0] == '/' {
 		operationPath = "." + operationPath
 	}
@@ -7178,24 +7304,51 @@ func NewUsersAPIListUserGroupsRequest(server string, organizationId string, user
 		return nil, err
 	}
 
-	req, err := http.NewRequest("GET", queryURL.String(), nil)
+	req, err := http.NewRequest("PATCH", queryURL.String(), body)
 	if err != nil {
 		return nil, err
 	}
 
+	req.Header.Add("Content-Type", contentType)
+
 	return req, nil
 }
 
-// NewScheduledRebalancingAPIListRebalancingSchedulesRequest generates requests for ScheduledRebalancingAPIListRebalancingSchedules
-func NewScheduledRebalancingAPIListRebalancingSchedulesRequest(server string) (*http.Request, error) {
+// NewServiceAccountsAPICreateServiceAccountKeyRequest calls the generic ServiceAccountsAPICreateServiceAccountKey builder with application/json body
+func NewServiceAccountsAPICreateServiceAccountKeyRequest(server string, organizationId string, serviceAccountId string, body ServiceAccountsAPICreateServiceAccountKeyJSONRequestBody) (*http.Request, error) {
+	var bodyReader io.Reader
+	buf, err := json.Marshal(body)
+	if err != nil {
+		return nil, err
+	}
+	bodyReader = bytes.NewReader(buf)
+	return NewServiceAccountsAPICreateServiceAccountKeyRequestWithBody(server, organizationId, serviceAccountId, "application/json", bodyReader)
+}
+
+// NewServiceAccountsAPICreateServiceAccountKeyRequestWithBody generates requests for ServiceAccountsAPICreateServiceAccountKey with any type of body
+func NewServiceAccountsAPICreateServiceAccountKeyRequestWithBody(server string, organizationId string, serviceAccountId string, contentType string, body io.Reader) (*http.Request, error) {
 	var err error
 
+	var pathParam0 string
+
+	pathParam0, err = runtime.StyleParamWithLocation("simple", false, "organizationId", runtime.ParamLocationPath, organizationId)
+	if err != nil {
+		return nil, err
+	}
+
+	var pathParam1 string
+
+	pathParam1, err = runtime.StyleParamWithLocation("simple", false, "serviceAccountId", runtime.ParamLocationPath, serviceAccountId)
+	if err != nil {
+		return nil, err
+	}
+
 	serverURL, err := url.Parse(server)
 	if err != nil {
 		return nil, err
 	}
 
-	operationPath := fmt.Sprintf("/v1/rebalancing-schedules")
+	operationPath := fmt.Sprintf("/v1/organizations/%s/service-accounts/%s/keys", pathParam0, pathParam1)
 	if operationPath[0] == '/' {
 		operationPath = "." + operationPath
 	}
@@ -7205,12 +7358,440 @@ func NewScheduledRebalancingAPIListRebalancingSchedulesRequest(server string) (*
 		return nil, err
 	}
 
-	req, err := http.NewRequest("GET", queryURL.String(), nil)
+	req, err := http.NewRequest("POST", queryURL.String(), body)
 	if err != nil {
 		return nil, err
 	}
 
-	return req, nil
+	req.Header.Add("Content-Type", contentType)
+
+	return req, nil
+}
+
+// NewServiceAccountsAPIUpdateServiceAccountKeyRequest generates requests for ServiceAccountsAPIUpdateServiceAccountKey
+func NewServiceAccountsAPIUpdateServiceAccountKeyRequest(server string, organizationId string, serviceAccountId string, keyId string, params *ServiceAccountsAPIUpdateServiceAccountKeyParams) (*http.Request, error) {
+	var err error
+
+	var pathParam0 string
+
+	pathParam0, err = runtime.StyleParamWithLocation("simple", false, "organizationId", runtime.ParamLocationPath, organizationId)
+	if err != nil {
+		return nil, err
+	}
+
+	var pathParam1 string
+
+	pathParam1, err = runtime.StyleParamWithLocation("simple", false, "serviceAccountId", runtime.ParamLocationPath, serviceAccountId)
+	if err != nil {
+		return nil, err
+	}
+
+	var pathParam2 string
+
+	pathParam2, err = runtime.StyleParamWithLocation("simple", false, "key.id", runtime.ParamLocationPath, keyId)
+	if err != nil {
+		return nil, err
+	}
+
+	serverURL, err := url.Parse(server)
+	if err != nil {
+		return nil, err
+	}
+
+	operationPath := fmt.Sprintf("/v1/organizations/%s/service-accounts/%s/keys/%s", pathParam0, pathParam1, pathParam2)
+	if operationPath[0] == '/' {
+		operationPath = "." + operationPath
+	}
+
+	queryURL, err := serverURL.Parse(operationPath)
+	if err != nil {
+		return nil, err
+	}
+
+	queryValues := queryURL.Query()
+
+	if queryFrag, err := runtime.StyleParamWithLocation("form", true, "key.active", runtime.ParamLocationQuery, params.KeyActive); err != nil {
+		return nil, err
+	} else if parsed, err := url.ParseQuery(queryFrag); err != nil {
+		return nil, err
+	} else {
+		for k, v := range parsed {
+			for _, v2 := range v {
+				queryValues.Add(k, v2)
+			}
+		}
+	}
+
+	queryURL.RawQuery = queryValues.Encode()
+
+	req, err := http.NewRequest("PATCH", queryURL.String(), nil)
+	if err != nil {
+		return nil, err
+	}
+
+	return req, nil
+}
+
+// NewServiceAccountsAPIDeleteServiceAccountKeyRequest generates requests for ServiceAccountsAPIDeleteServiceAccountKey
+func NewServiceAccountsAPIDeleteServiceAccountKeyRequest(server string, organizationId string, serviceAccountId string, keyId string) (*http.Request, error) {
+	var err error
+
+	var pathParam0 string
+
+	pathParam0, err = runtime.StyleParamWithLocation("simple", false, "organizationId", runtime.ParamLocationPath, organizationId)
+	if err != nil {
+		return nil, err
+	}
+
+	var pathParam1 string
+
+	pathParam1, err = runtime.StyleParamWithLocation("simple", false, "serviceAccountId", runtime.ParamLocationPath, serviceAccountId)
+	if err != nil {
+		return nil, err
+	}
+
+	var pathParam2 string
+
+	pathParam2, err = runtime.StyleParamWithLocation("simple", false, "keyId", runtime.ParamLocationPath, keyId)
+	if err != nil {
+		return nil, err
+	}
+
+	serverURL, err := url.Parse(server)
+	if err != nil {
+		return nil, err
+	}
+
+	operationPath := fmt.Sprintf("/v1/organizations/%s/service-accounts/%s/keys/%s", pathParam0, pathParam1, pathParam2)
+	if operationPath[0] == '/' {
+		operationPath = "." + operationPath
+	}
+
+	queryURL, err := serverURL.Parse(operationPath)
+	if err != nil {
+		return nil, err
+	}
+
+	req, err := http.NewRequest("DELETE", queryURL.String(), nil)
+	if err != nil {
+		return nil, err
+	}
+
+	return req, nil
+}
+
+// NewUsersAPIRemoveOrganizationUsersRequest generates requests for UsersAPIRemoveOrganizationUsers
+func NewUsersAPIRemoveOrganizationUsersRequest(server string, organizationId string, params *UsersAPIRemoveOrganizationUsersParams) (*http.Request, error) {
+	var err error
+
+	var pathParam0 string
+
+	pathParam0, err = runtime.StyleParamWithLocation("simple", false, "organizationId", runtime.ParamLocationPath, organizationId)
+	if err != nil {
+		return nil, err
+	}
+
+	serverURL, err := url.Parse(server)
+	if err != nil {
+		return nil, err
+	}
+
+	operationPath := fmt.Sprintf("/v1/organizations/%s/users", pathParam0)
+	if operationPath[0] == '/' {
+		operationPath = "." + operationPath
+	}
+
+	queryURL, err := serverURL.Parse(operationPath)
+	if err != nil {
+		return nil, err
+	}
+
+	queryValues := queryURL.Query()
+
+	if queryFrag, err := runtime.StyleParamWithLocation("form", true, "users", runtime.ParamLocationQuery, params.Users); err != nil {
+		return nil, err
+	} else if parsed, err := url.ParseQuery(queryFrag); err != nil {
+		return nil, err
+	} else {
+		for k, v := range parsed {
+			for _, v2 := range v {
+				queryValues.Add(k, v2)
+			}
+		}
+	}
+
+	queryURL.RawQuery = queryValues.Encode()
+
+	req, err := http.NewRequest("DELETE", queryURL.String(), nil)
+	if err != nil {
+		return nil, err
+	}
+
+	return req, nil
+}
+
+// NewUsersAPIListOrganizationUsersRequest generates requests for UsersAPIListOrganizationUsers
+func NewUsersAPIListOrganizationUsersRequest(server string, organizationId string, params *UsersAPIListOrganizationUsersParams) (*http.Request, error) {
+	var err error
+
+	var pathParam0 string
+
+	pathParam0, err = runtime.StyleParamWithLocation("simple", false, "organizationId", runtime.ParamLocationPath, organizationId)
+	if err != nil {
+		return nil, err
+	}
+
+	serverURL, err := url.Parse(server)
+	if err != nil {
+		return nil, err
+	}
+
+	operationPath := fmt.Sprintf("/v1/organizations/%s/users", pathParam0)
+	if operationPath[0] == '/' {
+		operationPath = "." + operationPath
+	}
+
+	queryURL, err := serverURL.Parse(operationPath)
+	if err != nil {
+		return nil, err
+	}
+
+	queryValues := queryURL.Query()
+
+	if params.IncludeGroups != nil {
+
+		if queryFrag, err := runtime.StyleParamWithLocation("form", true, "includeGroups", runtime.ParamLocationQuery, *params.IncludeGroups); err != nil {
+			return nil, err
+		} else if parsed, err := url.ParseQuery(queryFrag); err != nil {
+			return nil, err
+		} else {
+			for k, v := range parsed {
+				for _, v2 := range v {
+					queryValues.Add(k, v2)
+				}
+			}
+		}
+
+	}
+
+	queryURL.RawQuery = queryValues.Encode()
+
+	req, err := http.NewRequest("GET", queryURL.String(), nil)
+	if err != nil {
+		return nil, err
+	}
+
+	return req, nil
+}
+
+// NewUsersAPIAddUserToOrganizationRequest calls the generic UsersAPIAddUserToOrganization builder with application/json body
+func NewUsersAPIAddUserToOrganizationRequest(server string, organizationId string, body UsersAPIAddUserToOrganizationJSONRequestBody) (*http.Request, error) {
+	var bodyReader io.Reader
+	buf, err := json.Marshal(body)
+	if err != nil {
+		return nil, err
+	}
+	bodyReader = bytes.NewReader(buf)
+	return NewUsersAPIAddUserToOrganizationRequestWithBody(server, organizationId, "application/json", bodyReader)
+}
+
+// NewUsersAPIAddUserToOrganizationRequestWithBody generates requests for UsersAPIAddUserToOrganization with any type of body
+func NewUsersAPIAddUserToOrganizationRequestWithBody(server string, organizationId string, contentType string, body io.Reader) (*http.Request, error) {
+	var err error
+
+	var pathParam0 string
+
+	pathParam0, err = runtime.StyleParamWithLocation("simple", false, "organizationId", runtime.ParamLocationPath, organizationId)
+	if err != nil {
+		return nil, err
+	}
+
+	serverURL, err := url.Parse(server)
+	if err != nil {
+		return nil, err
+	}
+
+	operationPath := fmt.Sprintf("/v1/organizations/%s/users", pathParam0)
+	if operationPath[0] == '/' {
+		operationPath = "." + operationPath
+	}
+
+	queryURL, err := serverURL.Parse(operationPath)
+	if err != nil {
+		return nil, err
+	}
+
+	req, err := http.NewRequest("POST", queryURL.String(), body)
+	if err != nil {
+		return nil, err
+	}
+
+	req.Header.Add("Content-Type", contentType)
+
+	return req, nil
+}
+
+// NewUsersAPIRemoveUserFromOrganizationRequest generates requests for UsersAPIRemoveUserFromOrganization
+func NewUsersAPIRemoveUserFromOrganizationRequest(server string, organizationId string, userId string) (*http.Request, error) {
+	var err error
+
+	var pathParam0 string
+
+	pathParam0, err = runtime.StyleParamWithLocation("simple", false, "organizationId", runtime.ParamLocationPath, organizationId)
+	if err != nil {
+		return nil, err
+	}
+
+	var pathParam1 string
+
+	pathParam1, err = runtime.StyleParamWithLocation("simple", false, "userId", runtime.ParamLocationPath, userId)
+	if err != nil {
+		return nil, err
+	}
+
+	serverURL, err := url.Parse(server)
+	if err != nil {
+		return nil, err
+	}
+
+	operationPath := fmt.Sprintf("/v1/organizations/%s/users/%s", pathParam0, pathParam1)
+	if operationPath[0] == '/' {
+		operationPath = "." + operationPath
+	}
+
+	queryURL, err := serverURL.Parse(operationPath)
+	if err != nil {
+		return nil, err
+	}
+
+	req, err := http.NewRequest("DELETE", queryURL.String(), nil)
+	if err != nil {
+		return nil, err
+	}
+
+	return req, nil
+}
+
+// NewUsersAPIUpdateOrganizationUserRequest calls the generic UsersAPIUpdateOrganizationUser builder with application/json body
+func NewUsersAPIUpdateOrganizationUserRequest(server string, organizationId string, userId string, body UsersAPIUpdateOrganizationUserJSONRequestBody) (*http.Request, error) {
+	var bodyReader io.Reader
+	buf, err := json.Marshal(body)
+	if err != nil {
+		return nil, err
+	}
+	bodyReader = bytes.NewReader(buf)
+	return NewUsersAPIUpdateOrganizationUserRequestWithBody(server, organizationId, userId, "application/json", bodyReader)
+}
+
+// NewUsersAPIUpdateOrganizationUserRequestWithBody generates requests for UsersAPIUpdateOrganizationUser with any type of body
+func NewUsersAPIUpdateOrganizationUserRequestWithBody(server string, organizationId string, userId string, contentType string, body io.Reader) (*http.Request, error) {
+	var err error
+
+	var pathParam0 string
+
+	pathParam0, err = runtime.StyleParamWithLocation("simple", false, "organizationId", runtime.ParamLocationPath, organizationId)
+	if err != nil {
+		return nil, err
+	}
+
+	var pathParam1 string
+
+	pathParam1, err = runtime.StyleParamWithLocation("simple", false, "userId", runtime.ParamLocationPath, userId)
+	if err != nil {
+		return nil, err
+	}
+
+	serverURL, err := url.Parse(server)
+	if err != nil {
+		return nil, err
+	}
+
+	operationPath := fmt.Sprintf("/v1/organizations/%s/users/%s", pathParam0, pathParam1)
+	if operationPath[0] == '/' {
+		operationPath = "." + operationPath
+	}
+
+	queryURL, err := serverURL.Parse(operationPath)
+	if err != nil {
+		return nil, err
+	}
+
+	req, err := http.NewRequest("PUT", queryURL.String(), body)
+	if err != nil {
+		return nil, err
+	}
+
+	req.Header.Add("Content-Type", contentType)
+
+	return req, nil
+}
+
+// NewUsersAPIListUserGroupsRequest generates requests for UsersAPIListUserGroups
+func NewUsersAPIListUserGroupsRequest(server string, organizationId string, userId string) (*http.Request, error) {
+	var err error
+
+	var pathParam0 string
+
+	pathParam0, err = runtime.StyleParamWithLocation("simple", false, "organizationId", runtime.ParamLocationPath, organizationId)
+	if err != nil {
+		return nil, err
+	}
+
+	var pathParam1 string
+
+	pathParam1, err = runtime.StyleParamWithLocation("simple", false, "userId", runtime.ParamLocationPath, userId)
+	if err != nil {
+		return nil, err
+	}
+
+	serverURL, err := url.Parse(server)
+	if err != nil {
+		return nil, err
+	}
+
+	operationPath := fmt.Sprintf("/v1/organizations/%s/users/%s/groups", pathParam0, pathParam1)
+	if operationPath[0] == '/' {
+		operationPath = "." + operationPath
+	}
+
+	queryURL, err := serverURL.Parse(operationPath)
+	if err != nil {
+		return nil, err
+	}
+
+	req, err := http.NewRequest("GET", queryURL.String(), nil)
+	if err != nil {
+		return nil, err
+	}
+
+	return req, nil
+}
+
+// NewScheduledRebalancingAPIListRebalancingSchedulesRequest generates requests for ScheduledRebalancingAPIListRebalancingSchedules
+func NewScheduledRebalancingAPIListRebalancingSchedulesRequest(server string) (*http.Request, error) {
+	var err error
+
+	serverURL, err := url.Parse(server)
+	if err != nil {
+		return nil, err
+	}
+
+	operationPath := fmt.Sprintf("/v1/rebalancing-schedules")
+	if operationPath[0] == '/' {
+		operationPath = "." + operationPath
+	}
+
+	queryURL, err := serverURL.Parse(operationPath)
+	if err != nil {
+		return nil, err
+	}
+
+	req, err := http.NewRequest("GET", queryURL.String(), nil)
+	if err != nil {
+		return nil, err
+	}
+
+	return req, nil
 }
 
 // NewScheduledRebalancingAPICreateRebalancingScheduleRequest calls the generic ScheduledRebalancingAPICreateRebalancingSchedule builder with application/json body
@@ -9524,6 +10105,36 @@ type ClientWithResponsesInterface interface {
 
 	RbacServiceAPIUpdateRoleBindingWithResponse(ctx context.Context, organizationId string, roleBindingId string, body RbacServiceAPIUpdateRoleBindingJSONRequestBody) (*RbacServiceAPIUpdateRoleBindingResponse, error)
 
+	// ServiceAccountsAPIListServiceAccounts request
+	ServiceAccountsAPIListServiceAccountsWithResponse(ctx context.Context, organizationId string, params *ServiceAccountsAPIListServiceAccountsParams) (*ServiceAccountsAPIListServiceAccountsResponse, error)
+
+	// ServiceAccountsAPICreateServiceAccount request  with any body
+	ServiceAccountsAPICreateServiceAccountWithBodyWithResponse(ctx context.Context, organizationId string, contentType string, body io.Reader) (*ServiceAccountsAPICreateServiceAccountResponse, error)
+
+	ServiceAccountsAPICreateServiceAccountWithResponse(ctx context.Context, organizationId string, body ServiceAccountsAPICreateServiceAccountJSONRequestBody) (*ServiceAccountsAPICreateServiceAccountResponse, error)
+
+	// ServiceAccountsAPIDeleteServiceAccount request
+	ServiceAccountsAPIDeleteServiceAccountWithResponse(ctx context.Context, organizationId string, serviceAccountId string) (*ServiceAccountsAPIDeleteServiceAccountResponse, error)
+
+	// ServiceAccountsAPIGetServiceAccount request
+	ServiceAccountsAPIGetServiceAccountWithResponse(ctx context.Context, organizationId string, serviceAccountId string) (*ServiceAccountsAPIGetServiceAccountResponse, error)
+
+	// ServiceAccountsAPIUpdateServiceAccount request  with any body
+	ServiceAccountsAPIUpdateServiceAccountWithBodyWithResponse(ctx context.Context, organizationId string, serviceAccountId string, contentType string, body io.Reader) (*ServiceAccountsAPIUpdateServiceAccountResponse, error)
+
+	ServiceAccountsAPIUpdateServiceAccountWithResponse(ctx context.Context, organizationId string, serviceAccountId string, body ServiceAccountsAPIUpdateServiceAccountJSONRequestBody) (*ServiceAccountsAPIUpdateServiceAccountResponse, error)
+
+	// ServiceAccountsAPICreateServiceAccountKey request  with any body
+	ServiceAccountsAPICreateServiceAccountKeyWithBodyWithResponse(ctx context.Context, organizationId string, serviceAccountId string, contentType string, body io.Reader) (*ServiceAccountsAPICreateServiceAccountKeyResponse, error)
+
+	ServiceAccountsAPICreateServiceAccountKeyWithResponse(ctx context.Context, organizationId string, serviceAccountId string, body ServiceAccountsAPICreateServiceAccountKeyJSONRequestBody) (*ServiceAccountsAPICreateServiceAccountKeyResponse, error)
+
+	// ServiceAccountsAPIUpdateServiceAccountKey request
+	ServiceAccountsAPIUpdateServiceAccountKeyWithResponse(ctx context.Context, organizationId string, serviceAccountId string, keyId string, params *ServiceAccountsAPIUpdateServiceAccountKeyParams) (*ServiceAccountsAPIUpdateServiceAccountKeyResponse, error)
+
+	// ServiceAccountsAPIDeleteServiceAccountKey request
+	ServiceAccountsAPIDeleteServiceAccountKeyWithResponse(ctx context.Context, organizationId string, serviceAccountId string, keyId string) (*ServiceAccountsAPIDeleteServiceAccountKeyResponse, error)
+
 	// UsersAPIRemoveOrganizationUsers request
 	UsersAPIRemoveOrganizationUsersWithResponse(ctx context.Context, organizationId string, params *UsersAPIRemoveOrganizationUsersParams) (*UsersAPIRemoveOrganizationUsersResponse, error)
 
@@ -12240,7 +12851,248 @@ func (r RbacServiceAPICreateRoleBindingsResponse) Status() string {
 }
 
 // StatusCode returns HTTPResponse.StatusCode
-func (r RbacServiceAPICreateRoleBindingsResponse) StatusCode() int {
+func (r RbacServiceAPICreateRoleBindingsResponse) StatusCode() int {
+	if r.HTTPResponse != nil {
+		return r.HTTPResponse.StatusCode
+	}
+	return 0
+}
+
+// TODO: <castai customization> to have common interface. https://github.com/deepmap/oapi-codegen/issues/240
+// Body returns body of byte array
+func (r RbacServiceAPICreateRoleBindingsResponse) GetBody() []byte {
+	return r.Body
+}
+
+// TODO: </castai customization> to have common interface. https://github.com/deepmap/oapi-codegen/issues/240
+
+type RbacServiceAPIDeleteRoleBindingResponse struct {
+	Body         []byte
+	HTTPResponse *http.Response
+	JSON200      *CastaiRbacV1beta1DeleteRoleBindingResponse
+}
+
+// Status returns HTTPResponse.Status
+func (r RbacServiceAPIDeleteRoleBindingResponse) Status() string {
+	if r.HTTPResponse != nil {
+		return r.HTTPResponse.Status
+	}
+	return http.StatusText(0)
+}
+
+// StatusCode returns HTTPResponse.StatusCode
+func (r RbacServiceAPIDeleteRoleBindingResponse) StatusCode() int {
+	if r.HTTPResponse != nil {
+		return r.HTTPResponse.StatusCode
+	}
+	return 0
+}
+
+// TODO: <castai customization> to have common interface. https://github.com/deepmap/oapi-codegen/issues/240
+// Body returns body of byte array
+func (r RbacServiceAPIDeleteRoleBindingResponse) GetBody() []byte {
+	return r.Body
+}
+
+// TODO: </castai customization> to have common interface. https://github.com/deepmap/oapi-codegen/issues/240
+
+type RbacServiceAPIGetRoleBindingResponse struct {
+	Body         []byte
+	HTTPResponse *http.Response
+	JSON200      *CastaiRbacV1beta1RoleBinding
+}
+
+// Status returns HTTPResponse.Status
+func (r RbacServiceAPIGetRoleBindingResponse) Status() string {
+	if r.HTTPResponse != nil {
+		return r.HTTPResponse.Status
+	}
+	return http.StatusText(0)
+}
+
+// StatusCode returns HTTPResponse.StatusCode
+func (r RbacServiceAPIGetRoleBindingResponse) StatusCode() int {
+	if r.HTTPResponse != nil {
+		return r.HTTPResponse.StatusCode
+	}
+	return 0
+}
+
+// TODO: <castai customization> to have common interface. https://github.com/deepmap/oapi-codegen/issues/240
+// Body returns body of byte array
+func (r RbacServiceAPIGetRoleBindingResponse) GetBody() []byte {
+	return r.Body
+}
+
+// TODO: </castai customization> to have common interface. https://github.com/deepmap/oapi-codegen/issues/240
+
+type RbacServiceAPIUpdateRoleBindingResponse struct {
+	Body         []byte
+	HTTPResponse *http.Response
+	JSON200      *CastaiRbacV1beta1RoleBinding
+}
+
+// Status returns HTTPResponse.Status
+func (r RbacServiceAPIUpdateRoleBindingResponse) Status() string {
+	if r.HTTPResponse != nil {
+		return r.HTTPResponse.Status
+	}
+	return http.StatusText(0)
+}
+
+// StatusCode returns HTTPResponse.StatusCode
+func (r RbacServiceAPIUpdateRoleBindingResponse) StatusCode() int {
+	if r.HTTPResponse != nil {
+		return r.HTTPResponse.StatusCode
+	}
+	return 0
+}
+
+// TODO: <castai customization> to have common interface. https://github.com/deepmap/oapi-codegen/issues/240
+// Body returns body of byte array
+func (r RbacServiceAPIUpdateRoleBindingResponse) GetBody() []byte {
+	return r.Body
+}
+
+// TODO: </castai customization> to have common interface. https://github.com/deepmap/oapi-codegen/issues/240
+
+type ServiceAccountsAPIListServiceAccountsResponse struct {
+	Body         []byte
+	HTTPResponse *http.Response
+	JSON200      *CastaiServiceaccountsV1beta1ListServiceAccountsResponse
+}
+
+// Status returns HTTPResponse.Status
+func (r ServiceAccountsAPIListServiceAccountsResponse) Status() string {
+	if r.HTTPResponse != nil {
+		return r.HTTPResponse.Status
+	}
+	return http.StatusText(0)
+}
+
+// StatusCode returns HTTPResponse.StatusCode
+func (r ServiceAccountsAPIListServiceAccountsResponse) StatusCode() int {
+	if r.HTTPResponse != nil {
+		return r.HTTPResponse.StatusCode
+	}
+	return 0
+}
+
+// TODO: <castai customization> to have common interface. https://github.com/deepmap/oapi-codegen/issues/240
+// Body returns body of byte array
+func (r ServiceAccountsAPIListServiceAccountsResponse) GetBody() []byte {
+	return r.Body
+}
+
+// TODO: </castai customization> to have common interface. https://github.com/deepmap/oapi-codegen/issues/240
+
+type ServiceAccountsAPICreateServiceAccountResponse struct {
+	Body         []byte
+	HTTPResponse *http.Response
+	JSON201      *CastaiServiceaccountsV1beta1CreateServiceAccountResponse
+}
+
+// Status returns HTTPResponse.Status
+func (r ServiceAccountsAPICreateServiceAccountResponse) Status() string {
+	if r.HTTPResponse != nil {
+		return r.HTTPResponse.Status
+	}
+	return http.StatusText(0)
+}
+
+// StatusCode returns HTTPResponse.StatusCode
+func (r ServiceAccountsAPICreateServiceAccountResponse) StatusCode() int {
+	if r.HTTPResponse != nil {
+		return r.HTTPResponse.StatusCode
+	}
+	return 0
+}
+
+// TODO: <castai customization> to have common interface. https://github.com/deepmap/oapi-codegen/issues/240
+// Body returns body of byte array
+func (r ServiceAccountsAPICreateServiceAccountResponse) GetBody() []byte {
+	return r.Body
+}
+
+// TODO: </castai customization> to have common interface. https://github.com/deepmap/oapi-codegen/issues/240
+
+type ServiceAccountsAPIDeleteServiceAccountResponse struct {
+	Body         []byte
+	HTTPResponse *http.Response
+	JSON200      *CastaiServiceaccountsV1beta1DeleteServiceAccountResponse
+	JSON204      *map[string]interface{}
+}
+
+// Status returns HTTPResponse.Status
+func (r ServiceAccountsAPIDeleteServiceAccountResponse) Status() string {
+	if r.HTTPResponse != nil {
+		return r.HTTPResponse.Status
+	}
+	return http.StatusText(0)
+}
+
+// StatusCode returns HTTPResponse.StatusCode
+func (r ServiceAccountsAPIDeleteServiceAccountResponse) StatusCode() int {
+	if r.HTTPResponse != nil {
+		return r.HTTPResponse.StatusCode
+	}
+	return 0
+}
+
+// TODO: <castai customization> to have common interface. https://github.com/deepmap/oapi-codegen/issues/240
+// Body returns body of byte array
+func (r ServiceAccountsAPIDeleteServiceAccountResponse) GetBody() []byte {
+	return r.Body
+}
+
+// TODO: </castai customization> to have common interface. https://github.com/deepmap/oapi-codegen/issues/240
+
+type ServiceAccountsAPIGetServiceAccountResponse struct {
+	Body         []byte
+	HTTPResponse *http.Response
+	JSON200      *CastaiServiceaccountsV1beta1GetServiceAccountResponse
+}
+
+// Status returns HTTPResponse.Status
+func (r ServiceAccountsAPIGetServiceAccountResponse) Status() string {
+	if r.HTTPResponse != nil {
+		return r.HTTPResponse.Status
+	}
+	return http.StatusText(0)
+}
+
+// StatusCode returns HTTPResponse.StatusCode
+func (r ServiceAccountsAPIGetServiceAccountResponse) StatusCode() int {
+	if r.HTTPResponse != nil {
+		return r.HTTPResponse.StatusCode
+	}
+	return 0
+}
+
+// TODO: <castai customization> to have common interface. https://github.com/deepmap/oapi-codegen/issues/240
+// Body returns body of byte array
+func (r ServiceAccountsAPIGetServiceAccountResponse) GetBody() []byte {
+	return r.Body
+}
+
+// TODO: </castai customization> to have common interface. https://github.com/deepmap/oapi-codegen/issues/240
+
+type ServiceAccountsAPIUpdateServiceAccountResponse struct {
+	Body         []byte
+	HTTPResponse *http.Response
+	JSON200      *CastaiServiceaccountsV1beta1UpdateServiceAccountResponse
+}
+
+// Status returns HTTPResponse.Status
+func (r ServiceAccountsAPIUpdateServiceAccountResponse) Status() string {
+	if r.HTTPResponse != nil {
+		return r.HTTPResponse.Status
+	}
+	return http.StatusText(0)
+}
+
+// StatusCode returns HTTPResponse.StatusCode
+func (r ServiceAccountsAPIUpdateServiceAccountResponse) StatusCode() int {
 	if r.HTTPResponse != nil {
 		return r.HTTPResponse.StatusCode
 	}
@@ -12249,20 +13101,21 @@ func (r RbacServiceAPICreateRoleBindingsResponse) StatusCode() int {
 
 // TODO: <castai customization> to have common interface. https://github.com/deepmap/oapi-codegen/issues/240
 // Body returns body of byte array
-func (r RbacServiceAPICreateRoleBindingsResponse) GetBody() []byte {
+func (r ServiceAccountsAPIUpdateServiceAccountResponse) GetBody() []byte {
 	return r.Body
 }
 
 // TODO: </castai customization> to have common interface. https://github.com/deepmap/oapi-codegen/issues/240
 
-type RbacServiceAPIDeleteRoleBindingResponse struct {
+type ServiceAccountsAPICreateServiceAccountKeyResponse struct {
 	Body         []byte
 	HTTPResponse *http.Response
-	JSON200      *CastaiRbacV1beta1DeleteRoleBindingResponse
+	JSON200      *CastaiServiceaccountsV1beta1CreateServiceAccountKeyResponse
+	JSON201      *map[string]interface{}
 }
 
 // Status returns HTTPResponse.Status
-func (r RbacServiceAPIDeleteRoleBindingResponse) Status() string {
+func (r ServiceAccountsAPICreateServiceAccountKeyResponse) Status() string {
 	if r.HTTPResponse != nil {
 		return r.HTTPResponse.Status
 	}
@@ -12270,7 +13123,7 @@ func (r RbacServiceAPIDeleteRoleBindingResponse) Status() string {
 }
 
 // StatusCode returns HTTPResponse.StatusCode
-func (r RbacServiceAPIDeleteRoleBindingResponse) StatusCode() int {
+func (r ServiceAccountsAPICreateServiceAccountKeyResponse) StatusCode() int {
 	if r.HTTPResponse != nil {
 		return r.HTTPResponse.StatusCode
 	}
@@ -12279,20 +13132,20 @@ func (r RbacServiceAPIDeleteRoleBindingResponse) StatusCode() int {
 
 // TODO: <castai customization> to have common interface. https://github.com/deepmap/oapi-codegen/issues/240
 // Body returns body of byte array
-func (r RbacServiceAPIDeleteRoleBindingResponse) GetBody() []byte {
+func (r ServiceAccountsAPICreateServiceAccountKeyResponse) GetBody() []byte {
 	return r.Body
 }
 
 // TODO: </castai customization> to have common interface. https://github.com/deepmap/oapi-codegen/issues/240
 
-type RbacServiceAPIGetRoleBindingResponse struct {
+type ServiceAccountsAPIUpdateServiceAccountKeyResponse struct {
 	Body         []byte
 	HTTPResponse *http.Response
-	JSON200      *CastaiRbacV1beta1RoleBinding
+	JSON200      *CastaiServiceaccountsV1beta1UpdateServiceAccountKeyResponse
 }
 
 // Status returns HTTPResponse.Status
-func (r RbacServiceAPIGetRoleBindingResponse) Status() string {
+func (r ServiceAccountsAPIUpdateServiceAccountKeyResponse) Status() string {
 	if r.HTTPResponse != nil {
 		return r.HTTPResponse.Status
 	}
@@ -12300,7 +13153,7 @@ func (r RbacServiceAPIGetRoleBindingResponse) Status() string {
 }
 
 // StatusCode returns HTTPResponse.StatusCode
-func (r RbacServiceAPIGetRoleBindingResponse) StatusCode() int {
+func (r ServiceAccountsAPIUpdateServiceAccountKeyResponse) StatusCode() int {
 	if r.HTTPResponse != nil {
 		return r.HTTPResponse.StatusCode
 	}
@@ -12309,20 +13162,20 @@ func (r RbacServiceAPIGetRoleBindingResponse) StatusCode() int {
 
 // TODO: <castai customization> to have common interface. https://github.com/deepmap/oapi-codegen/issues/240
 // Body returns body of byte array
-func (r RbacServiceAPIGetRoleBindingResponse) GetBody() []byte {
+func (r ServiceAccountsAPIUpdateServiceAccountKeyResponse) GetBody() []byte {
 	return r.Body
 }
 
 // TODO: </castai customization> to have common interface. https://github.com/deepmap/oapi-codegen/issues/240
 
-type RbacServiceAPIUpdateRoleBindingResponse struct {
+type ServiceAccountsAPIDeleteServiceAccountKeyResponse struct {
 	Body         []byte
 	HTTPResponse *http.Response
-	JSON200      *CastaiRbacV1beta1RoleBinding
+	JSON200      *CastaiServiceaccountsV1beta1DeleteServiceAccountKeyResponse
 }
 
 // Status returns HTTPResponse.Status
-func (r RbacServiceAPIUpdateRoleBindingResponse) Status() string {
+func (r ServiceAccountsAPIDeleteServiceAccountKeyResponse) Status() string {
 	if r.HTTPResponse != nil {
 		return r.HTTPResponse.Status
 	}
@@ -12330,7 +13183,7 @@ func (r RbacServiceAPIUpdateRoleBindingResponse) Status() string {
 }
 
 // StatusCode returns HTTPResponse.StatusCode
-func (r RbacServiceAPIUpdateRoleBindingResponse) StatusCode() int {
+func (r ServiceAccountsAPIDeleteServiceAccountKeyResponse) StatusCode() int {
 	if r.HTTPResponse != nil {
 		return r.HTTPResponse.StatusCode
 	}
@@ -12339,7 +13192,7 @@ func (r RbacServiceAPIUpdateRoleBindingResponse) StatusCode() int {
 
 // TODO: <castai customization> to have common interface. https://github.com/deepmap/oapi-codegen/issues/240
 // Body returns body of byte array
-func (r RbacServiceAPIUpdateRoleBindingResponse) GetBody() []byte {
+func (r ServiceAccountsAPIDeleteServiceAccountKeyResponse) GetBody() []byte {
 	return r.Body
 }
 
@@ -14845,6 +15698,102 @@ func (c *ClientWithResponses) RbacServiceAPIUpdateRoleBindingWithResponse(ctx co
 	return ParseRbacServiceAPIUpdateRoleBindingResponse(rsp)
 }
 
+// ServiceAccountsAPIListServiceAccountsWithResponse request returning *ServiceAccountsAPIListServiceAccountsResponse
+func (c *ClientWithResponses) ServiceAccountsAPIListServiceAccountsWithResponse(ctx context.Context, organizationId string, params *ServiceAccountsAPIListServiceAccountsParams) (*ServiceAccountsAPIListServiceAccountsResponse, error) {
+	rsp, err := c.ServiceAccountsAPIListServiceAccounts(ctx, organizationId, params)
+	if err != nil {
+		return nil, err
+	}
+	return ParseServiceAccountsAPIListServiceAccountsResponse(rsp)
+}
+
+// ServiceAccountsAPICreateServiceAccountWithBodyWithResponse request with arbitrary body returning *ServiceAccountsAPICreateServiceAccountResponse
+func (c *ClientWithResponses) ServiceAccountsAPICreateServiceAccountWithBodyWithResponse(ctx context.Context, organizationId string, contentType string, body io.Reader) (*ServiceAccountsAPICreateServiceAccountResponse, error) {
+	rsp, err := c.ServiceAccountsAPICreateServiceAccountWithBody(ctx, organizationId, contentType, body)
+	if err != nil {
+		return nil, err
+	}
+	return ParseServiceAccountsAPICreateServiceAccountResponse(rsp)
+}
+
+func (c *ClientWithResponses) ServiceAccountsAPICreateServiceAccountWithResponse(ctx context.Context, organizationId string, body ServiceAccountsAPICreateServiceAccountJSONRequestBody) (*ServiceAccountsAPICreateServiceAccountResponse, error) {
+	rsp, err := c.ServiceAccountsAPICreateServiceAccount(ctx, organizationId, body)
+	if err != nil {
+		return nil, err
+	}
+	return ParseServiceAccountsAPICreateServiceAccountResponse(rsp)
+}
+
+// ServiceAccountsAPIDeleteServiceAccountWithResponse request returning *ServiceAccountsAPIDeleteServiceAccountResponse
+func (c *ClientWithResponses) ServiceAccountsAPIDeleteServiceAccountWithResponse(ctx context.Context, organizationId string, serviceAccountId string) (*ServiceAccountsAPIDeleteServiceAccountResponse, error) {
+	rsp, err := c.ServiceAccountsAPIDeleteServiceAccount(ctx, organizationId, serviceAccountId)
+	if err != nil {
+		return nil, err
+	}
+	return ParseServiceAccountsAPIDeleteServiceAccountResponse(rsp)
+}
+
+// ServiceAccountsAPIGetServiceAccountWithResponse request returning *ServiceAccountsAPIGetServiceAccountResponse
+func (c *ClientWithResponses) ServiceAccountsAPIGetServiceAccountWithResponse(ctx context.Context, organizationId string, serviceAccountId string) (*ServiceAccountsAPIGetServiceAccountResponse, error) {
+	rsp, err := c.ServiceAccountsAPIGetServiceAccount(ctx, organizationId, serviceAccountId)
+	if err != nil {
+		return nil, err
+	}
+	return ParseServiceAccountsAPIGetServiceAccountResponse(rsp)
+}
+
+// ServiceAccountsAPIUpdateServiceAccountWithBodyWithResponse request with arbitrary body returning *ServiceAccountsAPIUpdateServiceAccountResponse
+func (c *ClientWithResponses) ServiceAccountsAPIUpdateServiceAccountWithBodyWithResponse(ctx context.Context, organizationId string, serviceAccountId string, contentType string, body io.Reader) (*ServiceAccountsAPIUpdateServiceAccountResponse, error) {
+	rsp, err := c.ServiceAccountsAPIUpdateServiceAccountWithBody(ctx, organizationId, serviceAccountId, contentType, body)
+	if err != nil {
+		return nil, err
+	}
+	return ParseServiceAccountsAPIUpdateServiceAccountResponse(rsp)
+}
+
+func (c *ClientWithResponses) ServiceAccountsAPIUpdateServiceAccountWithResponse(ctx context.Context, organizationId string, serviceAccountId string, body ServiceAccountsAPIUpdateServiceAccountJSONRequestBody) (*ServiceAccountsAPIUpdateServiceAccountResponse, error) {
+	rsp, err := c.ServiceAccountsAPIUpdateServiceAccount(ctx, organizationId, serviceAccountId, body)
+	if err != nil {
+		return nil, err
+	}
+	return ParseServiceAccountsAPIUpdateServiceAccountResponse(rsp)
+}
+
+// ServiceAccountsAPICreateServiceAccountKeyWithBodyWithResponse request with arbitrary body returning *ServiceAccountsAPICreateServiceAccountKeyResponse
+func (c *ClientWithResponses) ServiceAccountsAPICreateServiceAccountKeyWithBodyWithResponse(ctx context.Context, organizationId string, serviceAccountId string, contentType string, body io.Reader) (*ServiceAccountsAPICreateServiceAccountKeyResponse, error) {
+	rsp, err := c.ServiceAccountsAPICreateServiceAccountKeyWithBody(ctx, organizationId, serviceAccountId, contentType, body)
+	if err != nil {
+		return nil, err
+	}
+	return ParseServiceAccountsAPICreateServiceAccountKeyResponse(rsp)
+}
+
+func (c *ClientWithResponses) ServiceAccountsAPICreateServiceAccountKeyWithResponse(ctx context.Context, organizationId string, serviceAccountId string, body ServiceAccountsAPICreateServiceAccountKeyJSONRequestBody) (*ServiceAccountsAPICreateServiceAccountKeyResponse, error) {
+	rsp, err := c.ServiceAccountsAPICreateServiceAccountKey(ctx, organizationId, serviceAccountId, body)
+	if err != nil {
+		return nil, err
+	}
+	return ParseServiceAccountsAPICreateServiceAccountKeyResponse(rsp)
+}
+
+// ServiceAccountsAPIUpdateServiceAccountKeyWithResponse request returning *ServiceAccountsAPIUpdateServiceAccountKeyResponse
+func (c *ClientWithResponses) ServiceAccountsAPIUpdateServiceAccountKeyWithResponse(ctx context.Context, organizationId string, serviceAccountId string, keyId string, params *ServiceAccountsAPIUpdateServiceAccountKeyParams) (*ServiceAccountsAPIUpdateServiceAccountKeyResponse, error) {
+	rsp, err := c.ServiceAccountsAPIUpdateServiceAccountKey(ctx, organizationId, serviceAccountId, keyId, params)
+	if err != nil {
+		return nil, err
+	}
+	return ParseServiceAccountsAPIUpdateServiceAccountKeyResponse(rsp)
+}
+
+// ServiceAccountsAPIDeleteServiceAccountKeyWithResponse request returning *ServiceAccountsAPIDeleteServiceAccountKeyResponse
+func (c *ClientWithResponses) ServiceAccountsAPIDeleteServiceAccountKeyWithResponse(ctx context.Context, organizationId string, serviceAccountId string, keyId string) (*ServiceAccountsAPIDeleteServiceAccountKeyResponse, error) {
+	rsp, err := c.ServiceAccountsAPIDeleteServiceAccountKey(ctx, organizationId, serviceAccountId, keyId)
+	if err != nil {
+		return nil, err
+	}
+	return ParseServiceAccountsAPIDeleteServiceAccountKeyResponse(rsp)
+}
+
 // UsersAPIRemoveOrganizationUsersWithResponse request returning *UsersAPIRemoveOrganizationUsersResponse
 func (c *ClientWithResponses) UsersAPIRemoveOrganizationUsersWithResponse(ctx context.Context, organizationId string, params *UsersAPIRemoveOrganizationUsersParams) (*UsersAPIRemoveOrganizationUsersResponse, error) {
 	rsp, err := c.UsersAPIRemoveOrganizationUsers(ctx, organizationId, params)
@@ -17667,6 +18616,228 @@ func ParseRbacServiceAPIUpdateRoleBindingResponse(rsp *http.Response) (*RbacServ
 	return response, nil
 }
 
+// ParseServiceAccountsAPIListServiceAccountsResponse parses an HTTP response from a ServiceAccountsAPIListServiceAccountsWithResponse call
+func ParseServiceAccountsAPIListServiceAccountsResponse(rsp *http.Response) (*ServiceAccountsAPIListServiceAccountsResponse, error) {
+	bodyBytes, err := ioutil.ReadAll(rsp.Body)
+	defer rsp.Body.Close()
+	if err != nil {
+		return nil, err
+	}
+
+	response := &ServiceAccountsAPIListServiceAccountsResponse{
+		Body:         bodyBytes,
+		HTTPResponse: rsp,
+	}
+
+	switch {
+	case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 200:
+		var dest CastaiServiceaccountsV1beta1ListServiceAccountsResponse
+		if err := json.Unmarshal(bodyBytes, &dest); err != nil {
+			return nil, err
+		}
+		response.JSON200 = &dest
+
+	}
+
+	return response, nil
+}
+
+// ParseServiceAccountsAPICreateServiceAccountResponse parses an HTTP response from a ServiceAccountsAPICreateServiceAccountWithResponse call
+func ParseServiceAccountsAPICreateServiceAccountResponse(rsp *http.Response) (*ServiceAccountsAPICreateServiceAccountResponse, error) {
+	bodyBytes, err := ioutil.ReadAll(rsp.Body)
+	defer rsp.Body.Close()
+	if err != nil {
+		return nil, err
+	}
+
+	response := &ServiceAccountsAPICreateServiceAccountResponse{
+		Body:         bodyBytes,
+		HTTPResponse: rsp,
+	}
+
+	switch {
+	case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 201:
+		var dest CastaiServiceaccountsV1beta1CreateServiceAccountResponse
+		if err := json.Unmarshal(bodyBytes, &dest); err != nil {
+			return nil, err
+		}
+		response.JSON201 = &dest
+
+	}
+
+	return response, nil
+}
+
+// ParseServiceAccountsAPIDeleteServiceAccountResponse parses an HTTP response from a ServiceAccountsAPIDeleteServiceAccountWithResponse call
+func ParseServiceAccountsAPIDeleteServiceAccountResponse(rsp *http.Response) (*ServiceAccountsAPIDeleteServiceAccountResponse, error) {
+	bodyBytes, err := ioutil.ReadAll(rsp.Body)
+	defer rsp.Body.Close()
+	if err != nil {
+		return nil, err
+	}
+
+	response := &ServiceAccountsAPIDeleteServiceAccountResponse{
+		Body:         bodyBytes,
+		HTTPResponse: rsp,
+	}
+
+	switch {
+	case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 200:
+		var dest CastaiServiceaccountsV1beta1DeleteServiceAccountResponse
+		if err := json.Unmarshal(bodyBytes, &dest); err != nil {
+			return nil, err
+		}
+		response.JSON200 = &dest
+
+	case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 204:
+		var dest map[string]interface{}
+		if err := json.Unmarshal(bodyBytes, &dest); err != nil {
+			return nil, err
+		}
+		response.JSON204 = &dest
+
+	}
+
+	return response, nil
+}
+
+// ParseServiceAccountsAPIGetServiceAccountResponse parses an HTTP response from a ServiceAccountsAPIGetServiceAccountWithResponse call
+func ParseServiceAccountsAPIGetServiceAccountResponse(rsp *http.Response) (*ServiceAccountsAPIGetServiceAccountResponse, error) {
+	bodyBytes, err := ioutil.ReadAll(rsp.Body)
+	defer rsp.Body.Close()
+	if err != nil {
+		return nil, err
+	}
+
+	response := &ServiceAccountsAPIGetServiceAccountResponse{
+		Body:         bodyBytes,
+		HTTPResponse: rsp,
+	}
+
+	switch {
+	case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 200:
+		var dest CastaiServiceaccountsV1beta1GetServiceAccountResponse
+		if err := json.Unmarshal(bodyBytes, &dest); err != nil {
+			return nil, err
+		}
+		response.JSON200 = &dest
+
+	}
+
+	return response, nil
+}
+
+// ParseServiceAccountsAPIUpdateServiceAccountResponse parses an HTTP response from a ServiceAccountsAPIUpdateServiceAccountWithResponse call
+func ParseServiceAccountsAPIUpdateServiceAccountResponse(rsp *http.Response) (*ServiceAccountsAPIUpdateServiceAccountResponse, error) {
+	bodyBytes, err := ioutil.ReadAll(rsp.Body)
+	defer rsp.Body.Close()
+	if err != nil {
+		return nil, err
+	}
+
+	response := &ServiceAccountsAPIUpdateServiceAccountResponse{
+		Body:         bodyBytes,
+		HTTPResponse: rsp,
+	}
+
+	switch {
+	case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 200:
+		var dest CastaiServiceaccountsV1beta1UpdateServiceAccountResponse
+		if err := json.Unmarshal(bodyBytes, &dest); err != nil {
+			return nil, err
+		}
+		response.JSON200 = &dest
+
+	}
+
+	return response, nil
+}
+
+// ParseServiceAccountsAPICreateServiceAccountKeyResponse parses an HTTP response from a ServiceAccountsAPICreateServiceAccountKeyWithResponse call
+func ParseServiceAccountsAPICreateServiceAccountKeyResponse(rsp *http.Response) (*ServiceAccountsAPICreateServiceAccountKeyResponse, error) {
+	bodyBytes, err := ioutil.ReadAll(rsp.Body)
+	defer rsp.Body.Close()
+	if err != nil {
+		return nil, err
+	}
+
+	response := &ServiceAccountsAPICreateServiceAccountKeyResponse{
+		Body:         bodyBytes,
+		HTTPResponse: rsp,
+	}
+
+	switch {
+	case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 200:
+		var dest CastaiServiceaccountsV1beta1CreateServiceAccountKeyResponse
+		if err := json.Unmarshal(bodyBytes, &dest); err != nil {
+			return nil, err
+		}
+		response.JSON200 = &dest
+
+	case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 201:
+		var dest map[string]interface{}
+		if err := json.Unmarshal(bodyBytes, &dest); err != nil {
+			return nil, err
+		}
+		response.JSON201 = &dest
+
+	}
+
+	return response, nil
+}
+
+// ParseServiceAccountsAPIUpdateServiceAccountKeyResponse parses an HTTP response from a ServiceAccountsAPIUpdateServiceAccountKeyWithResponse call
+func ParseServiceAccountsAPIUpdateServiceAccountKeyResponse(rsp *http.Response) (*ServiceAccountsAPIUpdateServiceAccountKeyResponse, error) {
+	bodyBytes, err := ioutil.ReadAll(rsp.Body)
+	defer rsp.Body.Close()
+	if err != nil {
+		return nil, err
+	}
+
+	response := &ServiceAccountsAPIUpdateServiceAccountKeyResponse{
+		Body:         bodyBytes,
+		HTTPResponse: rsp,
+	}
+
+	switch {
+	case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 200:
+		var dest CastaiServiceaccountsV1beta1UpdateServiceAccountKeyResponse
+		if err := json.Unmarshal(bodyBytes, &dest); err != nil {
+			return nil, err
+		}
+		response.JSON200 = &dest
+
+	}
+
+	return response, nil
+}
+
+// ParseServiceAccountsAPIDeleteServiceAccountKeyResponse parses an HTTP response from a ServiceAccountsAPIDeleteServiceAccountKeyWithResponse call
+func ParseServiceAccountsAPIDeleteServiceAccountKeyResponse(rsp *http.Response) (*ServiceAccountsAPIDeleteServiceAccountKeyResponse, error) {
+	bodyBytes, err := ioutil.ReadAll(rsp.Body)
+	defer rsp.Body.Close()
+	if err != nil {
+		return nil, err
+	}
+
+	response := &ServiceAccountsAPIDeleteServiceAccountKeyResponse{
+		Body:         bodyBytes,
+		HTTPResponse: rsp,
+	}
+
+	switch {
+	case strings.Contains(rsp.Header.Get("Content-Type"), "json") && rsp.StatusCode == 200:
+		var dest CastaiServiceaccountsV1beta1DeleteServiceAccountKeyResponse
+		if err := json.Unmarshal(bodyBytes, &dest); err != nil {
+			return nil, err
+		}
+		response.JSON200 = &dest
+
+	}
+
+	return response, nil
+}
+
 // ParseUsersAPIRemoveOrganizationUsersResponse parses an HTTP response from a UsersAPIRemoveOrganizationUsersWithResponse call
 func ParseUsersAPIRemoveOrganizationUsersResponse(rsp *http.Response) (*UsersAPIRemoveOrganizationUsersResponse, error) {
 	bodyBytes, err := ioutil.ReadAll(rsp.Body)
diff --git a/castai/sdk/mock/client.go b/castai/sdk/mock/client.go
index 20f0e0d4..959a3c9a 100644
--- a/castai/sdk/mock/client.go
+++ b/castai/sdk/mock/client.go
@@ -2915,6 +2915,226 @@ func (mr *MockClientInterfaceMockRecorder) ScheduledRebalancingAPIUpdateRebalanc
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ScheduledRebalancingAPIUpdateRebalancingScheduleWithBody", reflect.TypeOf((*MockClientInterface)(nil).ScheduledRebalancingAPIUpdateRebalancingScheduleWithBody), varargs...)
 }
 
+// ServiceAccountsAPICreateServiceAccount mocks base method.
+func (m *MockClientInterface) ServiceAccountsAPICreateServiceAccount(ctx context.Context, organizationId string, body sdk.ServiceAccountsAPICreateServiceAccountJSONRequestBody, reqEditors ...sdk.RequestEditorFn) (*http.Response, error) {
+	m.ctrl.T.Helper()
+	varargs := []interface{}{ctx, organizationId, body}
+	for _, a := range reqEditors {
+		varargs = append(varargs, a)
+	}
+	ret := m.ctrl.Call(m, "ServiceAccountsAPICreateServiceAccount", varargs...)
+	ret0, _ := ret[0].(*http.Response)
+	ret1, _ := ret[1].(error)
+	return ret0, ret1
+}
+
+// ServiceAccountsAPICreateServiceAccount indicates an expected call of ServiceAccountsAPICreateServiceAccount.
+func (mr *MockClientInterfaceMockRecorder) ServiceAccountsAPICreateServiceAccount(ctx, organizationId, body interface{}, reqEditors ...interface{}) *gomock.Call {
+	mr.mock.ctrl.T.Helper()
+	varargs := append([]interface{}{ctx, organizationId, body}, reqEditors...)
+	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ServiceAccountsAPICreateServiceAccount", reflect.TypeOf((*MockClientInterface)(nil).ServiceAccountsAPICreateServiceAccount), varargs...)
+}
+
+// ServiceAccountsAPICreateServiceAccountKey mocks base method.
+func (m *MockClientInterface) ServiceAccountsAPICreateServiceAccountKey(ctx context.Context, organizationId, serviceAccountId string, body sdk.ServiceAccountsAPICreateServiceAccountKeyJSONRequestBody, reqEditors ...sdk.RequestEditorFn) (*http.Response, error) {
+	m.ctrl.T.Helper()
+	varargs := []interface{}{ctx, organizationId, serviceAccountId, body}
+	for _, a := range reqEditors {
+		varargs = append(varargs, a)
+	}
+	ret := m.ctrl.Call(m, "ServiceAccountsAPICreateServiceAccountKey", varargs...)
+	ret0, _ := ret[0].(*http.Response)
+	ret1, _ := ret[1].(error)
+	return ret0, ret1
+}
+
+// ServiceAccountsAPICreateServiceAccountKey indicates an expected call of ServiceAccountsAPICreateServiceAccountKey.
+func (mr *MockClientInterfaceMockRecorder) ServiceAccountsAPICreateServiceAccountKey(ctx, organizationId, serviceAccountId, body interface{}, reqEditors ...interface{}) *gomock.Call {
+	mr.mock.ctrl.T.Helper()
+	varargs := append([]interface{}{ctx, organizationId, serviceAccountId, body}, reqEditors...)
+	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ServiceAccountsAPICreateServiceAccountKey", reflect.TypeOf((*MockClientInterface)(nil).ServiceAccountsAPICreateServiceAccountKey), varargs...)
+}
+
+// ServiceAccountsAPICreateServiceAccountKeyWithBody mocks base method.
+func (m *MockClientInterface) ServiceAccountsAPICreateServiceAccountKeyWithBody(ctx context.Context, organizationId, serviceAccountId, contentType string, body io.Reader, reqEditors ...sdk.RequestEditorFn) (*http.Response, error) {
+	m.ctrl.T.Helper()
+	varargs := []interface{}{ctx, organizationId, serviceAccountId, contentType, body}
+	for _, a := range reqEditors {
+		varargs = append(varargs, a)
+	}
+	ret := m.ctrl.Call(m, "ServiceAccountsAPICreateServiceAccountKeyWithBody", varargs...)
+	ret0, _ := ret[0].(*http.Response)
+	ret1, _ := ret[1].(error)
+	return ret0, ret1
+}
+
+// ServiceAccountsAPICreateServiceAccountKeyWithBody indicates an expected call of ServiceAccountsAPICreateServiceAccountKeyWithBody.
+func (mr *MockClientInterfaceMockRecorder) ServiceAccountsAPICreateServiceAccountKeyWithBody(ctx, organizationId, serviceAccountId, contentType, body interface{}, reqEditors ...interface{}) *gomock.Call {
+	mr.mock.ctrl.T.Helper()
+	varargs := append([]interface{}{ctx, organizationId, serviceAccountId, contentType, body}, reqEditors...)
+	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ServiceAccountsAPICreateServiceAccountKeyWithBody", reflect.TypeOf((*MockClientInterface)(nil).ServiceAccountsAPICreateServiceAccountKeyWithBody), varargs...)
+}
+
+// ServiceAccountsAPICreateServiceAccountWithBody mocks base method.
+func (m *MockClientInterface) ServiceAccountsAPICreateServiceAccountWithBody(ctx context.Context, organizationId, contentType string, body io.Reader, reqEditors ...sdk.RequestEditorFn) (*http.Response, error) {
+	m.ctrl.T.Helper()
+	varargs := []interface{}{ctx, organizationId, contentType, body}
+	for _, a := range reqEditors {
+		varargs = append(varargs, a)
+	}
+	ret := m.ctrl.Call(m, "ServiceAccountsAPICreateServiceAccountWithBody", varargs...)
+	ret0, _ := ret[0].(*http.Response)
+	ret1, _ := ret[1].(error)
+	return ret0, ret1
+}
+
+// ServiceAccountsAPICreateServiceAccountWithBody indicates an expected call of ServiceAccountsAPICreateServiceAccountWithBody.
+func (mr *MockClientInterfaceMockRecorder) ServiceAccountsAPICreateServiceAccountWithBody(ctx, organizationId, contentType, body interface{}, reqEditors ...interface{}) *gomock.Call {
+	mr.mock.ctrl.T.Helper()
+	varargs := append([]interface{}{ctx, organizationId, contentType, body}, reqEditors...)
+	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ServiceAccountsAPICreateServiceAccountWithBody", reflect.TypeOf((*MockClientInterface)(nil).ServiceAccountsAPICreateServiceAccountWithBody), varargs...)
+}
+
+// ServiceAccountsAPIDeleteServiceAccount mocks base method.
+func (m *MockClientInterface) ServiceAccountsAPIDeleteServiceAccount(ctx context.Context, organizationId, serviceAccountId string, reqEditors ...sdk.RequestEditorFn) (*http.Response, error) {
+	m.ctrl.T.Helper()
+	varargs := []interface{}{ctx, organizationId, serviceAccountId}
+	for _, a := range reqEditors {
+		varargs = append(varargs, a)
+	}
+	ret := m.ctrl.Call(m, "ServiceAccountsAPIDeleteServiceAccount", varargs...)
+	ret0, _ := ret[0].(*http.Response)
+	ret1, _ := ret[1].(error)
+	return ret0, ret1
+}
+
+// ServiceAccountsAPIDeleteServiceAccount indicates an expected call of ServiceAccountsAPIDeleteServiceAccount.
+func (mr *MockClientInterfaceMockRecorder) ServiceAccountsAPIDeleteServiceAccount(ctx, organizationId, serviceAccountId interface{}, reqEditors ...interface{}) *gomock.Call {
+	mr.mock.ctrl.T.Helper()
+	varargs := append([]interface{}{ctx, organizationId, serviceAccountId}, reqEditors...)
+	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ServiceAccountsAPIDeleteServiceAccount", reflect.TypeOf((*MockClientInterface)(nil).ServiceAccountsAPIDeleteServiceAccount), varargs...)
+}
+
+// ServiceAccountsAPIDeleteServiceAccountKey mocks base method.
+func (m *MockClientInterface) ServiceAccountsAPIDeleteServiceAccountKey(ctx context.Context, organizationId, serviceAccountId, keyId string, reqEditors ...sdk.RequestEditorFn) (*http.Response, error) {
+	m.ctrl.T.Helper()
+	varargs := []interface{}{ctx, organizationId, serviceAccountId, keyId}
+	for _, a := range reqEditors {
+		varargs = append(varargs, a)
+	}
+	ret := m.ctrl.Call(m, "ServiceAccountsAPIDeleteServiceAccountKey", varargs...)
+	ret0, _ := ret[0].(*http.Response)
+	ret1, _ := ret[1].(error)
+	return ret0, ret1
+}
+
+// ServiceAccountsAPIDeleteServiceAccountKey indicates an expected call of ServiceAccountsAPIDeleteServiceAccountKey.
+func (mr *MockClientInterfaceMockRecorder) ServiceAccountsAPIDeleteServiceAccountKey(ctx, organizationId, serviceAccountId, keyId interface{}, reqEditors ...interface{}) *gomock.Call {
+	mr.mock.ctrl.T.Helper()
+	varargs := append([]interface{}{ctx, organizationId, serviceAccountId, keyId}, reqEditors...)
+	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ServiceAccountsAPIDeleteServiceAccountKey", reflect.TypeOf((*MockClientInterface)(nil).ServiceAccountsAPIDeleteServiceAccountKey), varargs...)
+}
+
+// ServiceAccountsAPIGetServiceAccount mocks base method.
+func (m *MockClientInterface) ServiceAccountsAPIGetServiceAccount(ctx context.Context, organizationId, serviceAccountId string, reqEditors ...sdk.RequestEditorFn) (*http.Response, error) {
+	m.ctrl.T.Helper()
+	varargs := []interface{}{ctx, organizationId, serviceAccountId}
+	for _, a := range reqEditors {
+		varargs = append(varargs, a)
+	}
+	ret := m.ctrl.Call(m, "ServiceAccountsAPIGetServiceAccount", varargs...)
+	ret0, _ := ret[0].(*http.Response)
+	ret1, _ := ret[1].(error)
+	return ret0, ret1
+}
+
+// ServiceAccountsAPIGetServiceAccount indicates an expected call of ServiceAccountsAPIGetServiceAccount.
+func (mr *MockClientInterfaceMockRecorder) ServiceAccountsAPIGetServiceAccount(ctx, organizationId, serviceAccountId interface{}, reqEditors ...interface{}) *gomock.Call {
+	mr.mock.ctrl.T.Helper()
+	varargs := append([]interface{}{ctx, organizationId, serviceAccountId}, reqEditors...)
+	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ServiceAccountsAPIGetServiceAccount", reflect.TypeOf((*MockClientInterface)(nil).ServiceAccountsAPIGetServiceAccount), varargs...)
+}
+
+// ServiceAccountsAPIListServiceAccounts mocks base method.
+func (m *MockClientInterface) ServiceAccountsAPIListServiceAccounts(ctx context.Context, organizationId string, params *sdk.ServiceAccountsAPIListServiceAccountsParams, reqEditors ...sdk.RequestEditorFn) (*http.Response, error) {
+	m.ctrl.T.Helper()
+	varargs := []interface{}{ctx, organizationId, params}
+	for _, a := range reqEditors {
+		varargs = append(varargs, a)
+	}
+	ret := m.ctrl.Call(m, "ServiceAccountsAPIListServiceAccounts", varargs...)
+	ret0, _ := ret[0].(*http.Response)
+	ret1, _ := ret[1].(error)
+	return ret0, ret1
+}
+
+// ServiceAccountsAPIListServiceAccounts indicates an expected call of ServiceAccountsAPIListServiceAccounts.
+func (mr *MockClientInterfaceMockRecorder) ServiceAccountsAPIListServiceAccounts(ctx, organizationId, params interface{}, reqEditors ...interface{}) *gomock.Call {
+	mr.mock.ctrl.T.Helper()
+	varargs := append([]interface{}{ctx, organizationId, params}, reqEditors...)
+	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ServiceAccountsAPIListServiceAccounts", reflect.TypeOf((*MockClientInterface)(nil).ServiceAccountsAPIListServiceAccounts), varargs...)
+}
+
+// ServiceAccountsAPIUpdateServiceAccount mocks base method.
+func (m *MockClientInterface) ServiceAccountsAPIUpdateServiceAccount(ctx context.Context, organizationId, serviceAccountId string, body sdk.ServiceAccountsAPIUpdateServiceAccountJSONRequestBody, reqEditors ...sdk.RequestEditorFn) (*http.Response, error) {
+	m.ctrl.T.Helper()
+	varargs := []interface{}{ctx, organizationId, serviceAccountId, body}
+	for _, a := range reqEditors {
+		varargs = append(varargs, a)
+	}
+	ret := m.ctrl.Call(m, "ServiceAccountsAPIUpdateServiceAccount", varargs...)
+	ret0, _ := ret[0].(*http.Response)
+	ret1, _ := ret[1].(error)
+	return ret0, ret1
+}
+
+// ServiceAccountsAPIUpdateServiceAccount indicates an expected call of ServiceAccountsAPIUpdateServiceAccount.
+func (mr *MockClientInterfaceMockRecorder) ServiceAccountsAPIUpdateServiceAccount(ctx, organizationId, serviceAccountId, body interface{}, reqEditors ...interface{}) *gomock.Call {
+	mr.mock.ctrl.T.Helper()
+	varargs := append([]interface{}{ctx, organizationId, serviceAccountId, body}, reqEditors...)
+	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ServiceAccountsAPIUpdateServiceAccount", reflect.TypeOf((*MockClientInterface)(nil).ServiceAccountsAPIUpdateServiceAccount), varargs...)
+}
+
+// ServiceAccountsAPIUpdateServiceAccountKey mocks base method.
+func (m *MockClientInterface) ServiceAccountsAPIUpdateServiceAccountKey(ctx context.Context, organizationId, serviceAccountId, keyId string, params *sdk.ServiceAccountsAPIUpdateServiceAccountKeyParams, reqEditors ...sdk.RequestEditorFn) (*http.Response, error) {
+	m.ctrl.T.Helper()
+	varargs := []interface{}{ctx, organizationId, serviceAccountId, keyId, params}
+	for _, a := range reqEditors {
+		varargs = append(varargs, a)
+	}
+	ret := m.ctrl.Call(m, "ServiceAccountsAPIUpdateServiceAccountKey", varargs...)
+	ret0, _ := ret[0].(*http.Response)
+	ret1, _ := ret[1].(error)
+	return ret0, ret1
+}
+
+// ServiceAccountsAPIUpdateServiceAccountKey indicates an expected call of ServiceAccountsAPIUpdateServiceAccountKey.
+func (mr *MockClientInterfaceMockRecorder) ServiceAccountsAPIUpdateServiceAccountKey(ctx, organizationId, serviceAccountId, keyId, params interface{}, reqEditors ...interface{}) *gomock.Call {
+	mr.mock.ctrl.T.Helper()
+	varargs := append([]interface{}{ctx, organizationId, serviceAccountId, keyId, params}, reqEditors...)
+	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ServiceAccountsAPIUpdateServiceAccountKey", reflect.TypeOf((*MockClientInterface)(nil).ServiceAccountsAPIUpdateServiceAccountKey), varargs...)
+}
+
+// ServiceAccountsAPIUpdateServiceAccountWithBody mocks base method.
+func (m *MockClientInterface) ServiceAccountsAPIUpdateServiceAccountWithBody(ctx context.Context, organizationId, serviceAccountId, contentType string, body io.Reader, reqEditors ...sdk.RequestEditorFn) (*http.Response, error) {
+	m.ctrl.T.Helper()
+	varargs := []interface{}{ctx, organizationId, serviceAccountId, contentType, body}
+	for _, a := range reqEditors {
+		varargs = append(varargs, a)
+	}
+	ret := m.ctrl.Call(m, "ServiceAccountsAPIUpdateServiceAccountWithBody", varargs...)
+	ret0, _ := ret[0].(*http.Response)
+	ret1, _ := ret[1].(error)
+	return ret0, ret1
+}
+
+// ServiceAccountsAPIUpdateServiceAccountWithBody indicates an expected call of ServiceAccountsAPIUpdateServiceAccountWithBody.
+func (mr *MockClientInterfaceMockRecorder) ServiceAccountsAPIUpdateServiceAccountWithBody(ctx, organizationId, serviceAccountId, contentType, body interface{}, reqEditors ...interface{}) *gomock.Call {
+	mr.mock.ctrl.T.Helper()
+	varargs := append([]interface{}{ctx, organizationId, serviceAccountId, contentType, body}, reqEditors...)
+	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ServiceAccountsAPIUpdateServiceAccountWithBody", reflect.TypeOf((*MockClientInterface)(nil).ServiceAccountsAPIUpdateServiceAccountWithBody), varargs...)
+}
+
 // UsersAPIAddUserToOrganization mocks base method.
 func (m *MockClientInterface) UsersAPIAddUserToOrganization(ctx context.Context, organizationId string, body sdk.UsersAPIAddUserToOrganizationJSONRequestBody, reqEditors ...sdk.RequestEditorFn) (*http.Response, error) {
 	m.ctrl.T.Helper()
@@ -5908,6 +6128,171 @@ func (mr *MockClientWithResponsesInterfaceMockRecorder) ScheduledRebalancingAPIU
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ScheduledRebalancingAPIUpdateRebalancingScheduleWithResponse", reflect.TypeOf((*MockClientWithResponsesInterface)(nil).ScheduledRebalancingAPIUpdateRebalancingScheduleWithResponse), ctx, params, body)
 }
 
+// ServiceAccountsAPICreateServiceAccountKeyWithBodyWithResponse mocks base method.
+func (m *MockClientWithResponsesInterface) ServiceAccountsAPICreateServiceAccountKeyWithBodyWithResponse(ctx context.Context, organizationId, serviceAccountId, contentType string, body io.Reader) (*sdk.ServiceAccountsAPICreateServiceAccountKeyResponse, error) {
+	m.ctrl.T.Helper()
+	ret := m.ctrl.Call(m, "ServiceAccountsAPICreateServiceAccountKeyWithBodyWithResponse", ctx, organizationId, serviceAccountId, contentType, body)
+	ret0, _ := ret[0].(*sdk.ServiceAccountsAPICreateServiceAccountKeyResponse)
+	ret1, _ := ret[1].(error)
+	return ret0, ret1
+}
+
+// ServiceAccountsAPICreateServiceAccountKeyWithBodyWithResponse indicates an expected call of ServiceAccountsAPICreateServiceAccountKeyWithBodyWithResponse.
+func (mr *MockClientWithResponsesInterfaceMockRecorder) ServiceAccountsAPICreateServiceAccountKeyWithBodyWithResponse(ctx, organizationId, serviceAccountId, contentType, body interface{}) *gomock.Call {
+	mr.mock.ctrl.T.Helper()
+	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ServiceAccountsAPICreateServiceAccountKeyWithBodyWithResponse", reflect.TypeOf((*MockClientWithResponsesInterface)(nil).ServiceAccountsAPICreateServiceAccountKeyWithBodyWithResponse), ctx, organizationId, serviceAccountId, contentType, body)
+}
+
+// ServiceAccountsAPICreateServiceAccountKeyWithResponse mocks base method.
+func (m *MockClientWithResponsesInterface) ServiceAccountsAPICreateServiceAccountKeyWithResponse(ctx context.Context, organizationId, serviceAccountId string, body sdk.ServiceAccountsAPICreateServiceAccountKeyJSONRequestBody) (*sdk.ServiceAccountsAPICreateServiceAccountKeyResponse, error) {
+	m.ctrl.T.Helper()
+	ret := m.ctrl.Call(m, "ServiceAccountsAPICreateServiceAccountKeyWithResponse", ctx, organizationId, serviceAccountId, body)
+	ret0, _ := ret[0].(*sdk.ServiceAccountsAPICreateServiceAccountKeyResponse)
+	ret1, _ := ret[1].(error)
+	return ret0, ret1
+}
+
+// ServiceAccountsAPICreateServiceAccountKeyWithResponse indicates an expected call of ServiceAccountsAPICreateServiceAccountKeyWithResponse.
+func (mr *MockClientWithResponsesInterfaceMockRecorder) ServiceAccountsAPICreateServiceAccountKeyWithResponse(ctx, organizationId, serviceAccountId, body interface{}) *gomock.Call {
+	mr.mock.ctrl.T.Helper()
+	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ServiceAccountsAPICreateServiceAccountKeyWithResponse", reflect.TypeOf((*MockClientWithResponsesInterface)(nil).ServiceAccountsAPICreateServiceAccountKeyWithResponse), ctx, organizationId, serviceAccountId, body)
+}
+
+// ServiceAccountsAPICreateServiceAccountWithBodyWithResponse mocks base method.
+func (m *MockClientWithResponsesInterface) ServiceAccountsAPICreateServiceAccountWithBodyWithResponse(ctx context.Context, organizationId, contentType string, body io.Reader) (*sdk.ServiceAccountsAPICreateServiceAccountResponse, error) {
+	m.ctrl.T.Helper()
+	ret := m.ctrl.Call(m, "ServiceAccountsAPICreateServiceAccountWithBodyWithResponse", ctx, organizationId, contentType, body)
+	ret0, _ := ret[0].(*sdk.ServiceAccountsAPICreateServiceAccountResponse)
+	ret1, _ := ret[1].(error)
+	return ret0, ret1
+}
+
+// ServiceAccountsAPICreateServiceAccountWithBodyWithResponse indicates an expected call of ServiceAccountsAPICreateServiceAccountWithBodyWithResponse.
+func (mr *MockClientWithResponsesInterfaceMockRecorder) ServiceAccountsAPICreateServiceAccountWithBodyWithResponse(ctx, organizationId, contentType, body interface{}) *gomock.Call {
+	mr.mock.ctrl.T.Helper()
+	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ServiceAccountsAPICreateServiceAccountWithBodyWithResponse", reflect.TypeOf((*MockClientWithResponsesInterface)(nil).ServiceAccountsAPICreateServiceAccountWithBodyWithResponse), ctx, organizationId, contentType, body)
+}
+
+// ServiceAccountsAPICreateServiceAccountWithResponse mocks base method.
+func (m *MockClientWithResponsesInterface) ServiceAccountsAPICreateServiceAccountWithResponse(ctx context.Context, organizationId string, body sdk.ServiceAccountsAPICreateServiceAccountJSONRequestBody) (*sdk.ServiceAccountsAPICreateServiceAccountResponse, error) {
+	m.ctrl.T.Helper()
+	ret := m.ctrl.Call(m, "ServiceAccountsAPICreateServiceAccountWithResponse", ctx, organizationId, body)
+	ret0, _ := ret[0].(*sdk.ServiceAccountsAPICreateServiceAccountResponse)
+	ret1, _ := ret[1].(error)
+	return ret0, ret1
+}
+
+// ServiceAccountsAPICreateServiceAccountWithResponse indicates an expected call of ServiceAccountsAPICreateServiceAccountWithResponse.
+func (mr *MockClientWithResponsesInterfaceMockRecorder) ServiceAccountsAPICreateServiceAccountWithResponse(ctx, organizationId, body interface{}) *gomock.Call {
+	mr.mock.ctrl.T.Helper()
+	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ServiceAccountsAPICreateServiceAccountWithResponse", reflect.TypeOf((*MockClientWithResponsesInterface)(nil).ServiceAccountsAPICreateServiceAccountWithResponse), ctx, organizationId, body)
+}
+
+// ServiceAccountsAPIDeleteServiceAccountKeyWithResponse mocks base method.
+func (m *MockClientWithResponsesInterface) ServiceAccountsAPIDeleteServiceAccountKeyWithResponse(ctx context.Context, organizationId, serviceAccountId, keyId string) (*sdk.ServiceAccountsAPIDeleteServiceAccountKeyResponse, error) {
+	m.ctrl.T.Helper()
+	ret := m.ctrl.Call(m, "ServiceAccountsAPIDeleteServiceAccountKeyWithResponse", ctx, organizationId, serviceAccountId, keyId)
+	ret0, _ := ret[0].(*sdk.ServiceAccountsAPIDeleteServiceAccountKeyResponse)
+	ret1, _ := ret[1].(error)
+	return ret0, ret1
+}
+
+// ServiceAccountsAPIDeleteServiceAccountKeyWithResponse indicates an expected call of ServiceAccountsAPIDeleteServiceAccountKeyWithResponse.
+func (mr *MockClientWithResponsesInterfaceMockRecorder) ServiceAccountsAPIDeleteServiceAccountKeyWithResponse(ctx, organizationId, serviceAccountId, keyId interface{}) *gomock.Call {
+	mr.mock.ctrl.T.Helper()
+	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ServiceAccountsAPIDeleteServiceAccountKeyWithResponse", reflect.TypeOf((*MockClientWithResponsesInterface)(nil).ServiceAccountsAPIDeleteServiceAccountKeyWithResponse), ctx, organizationId, serviceAccountId, keyId)
+}
+
+// ServiceAccountsAPIDeleteServiceAccountWithResponse mocks base method.
+func (m *MockClientWithResponsesInterface) ServiceAccountsAPIDeleteServiceAccountWithResponse(ctx context.Context, organizationId, serviceAccountId string) (*sdk.ServiceAccountsAPIDeleteServiceAccountResponse, error) {
+	m.ctrl.T.Helper()
+	ret := m.ctrl.Call(m, "ServiceAccountsAPIDeleteServiceAccountWithResponse", ctx, organizationId, serviceAccountId)
+	ret0, _ := ret[0].(*sdk.ServiceAccountsAPIDeleteServiceAccountResponse)
+	ret1, _ := ret[1].(error)
+	return ret0, ret1
+}
+
+// ServiceAccountsAPIDeleteServiceAccountWithResponse indicates an expected call of ServiceAccountsAPIDeleteServiceAccountWithResponse.
+func (mr *MockClientWithResponsesInterfaceMockRecorder) ServiceAccountsAPIDeleteServiceAccountWithResponse(ctx, organizationId, serviceAccountId interface{}) *gomock.Call {
+	mr.mock.ctrl.T.Helper()
+	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ServiceAccountsAPIDeleteServiceAccountWithResponse", reflect.TypeOf((*MockClientWithResponsesInterface)(nil).ServiceAccountsAPIDeleteServiceAccountWithResponse), ctx, organizationId, serviceAccountId)
+}
+
+// ServiceAccountsAPIGetServiceAccountWithResponse mocks base method.
+func (m *MockClientWithResponsesInterface) ServiceAccountsAPIGetServiceAccountWithResponse(ctx context.Context, organizationId, serviceAccountId string) (*sdk.ServiceAccountsAPIGetServiceAccountResponse, error) {
+	m.ctrl.T.Helper()
+	ret := m.ctrl.Call(m, "ServiceAccountsAPIGetServiceAccountWithResponse", ctx, organizationId, serviceAccountId)
+	ret0, _ := ret[0].(*sdk.ServiceAccountsAPIGetServiceAccountResponse)
+	ret1, _ := ret[1].(error)
+	return ret0, ret1
+}
+
+// ServiceAccountsAPIGetServiceAccountWithResponse indicates an expected call of ServiceAccountsAPIGetServiceAccountWithResponse.
+func (mr *MockClientWithResponsesInterfaceMockRecorder) ServiceAccountsAPIGetServiceAccountWithResponse(ctx, organizationId, serviceAccountId interface{}) *gomock.Call {
+	mr.mock.ctrl.T.Helper()
+	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ServiceAccountsAPIGetServiceAccountWithResponse", reflect.TypeOf((*MockClientWithResponsesInterface)(nil).ServiceAccountsAPIGetServiceAccountWithResponse), ctx, organizationId, serviceAccountId)
+}
+
+// ServiceAccountsAPIListServiceAccountsWithResponse mocks base method.
+func (m *MockClientWithResponsesInterface) ServiceAccountsAPIListServiceAccountsWithResponse(ctx context.Context, organizationId string, params *sdk.ServiceAccountsAPIListServiceAccountsParams) (*sdk.ServiceAccountsAPIListServiceAccountsResponse, error) {
+	m.ctrl.T.Helper()
+	ret := m.ctrl.Call(m, "ServiceAccountsAPIListServiceAccountsWithResponse", ctx, organizationId, params)
+	ret0, _ := ret[0].(*sdk.ServiceAccountsAPIListServiceAccountsResponse)
+	ret1, _ := ret[1].(error)
+	return ret0, ret1
+}
+
+// ServiceAccountsAPIListServiceAccountsWithResponse indicates an expected call of ServiceAccountsAPIListServiceAccountsWithResponse.
+func (mr *MockClientWithResponsesInterfaceMockRecorder) ServiceAccountsAPIListServiceAccountsWithResponse(ctx, organizationId, params interface{}) *gomock.Call {
+	mr.mock.ctrl.T.Helper()
+	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ServiceAccountsAPIListServiceAccountsWithResponse", reflect.TypeOf((*MockClientWithResponsesInterface)(nil).ServiceAccountsAPIListServiceAccountsWithResponse), ctx, organizationId, params)
+}
+
+// ServiceAccountsAPIUpdateServiceAccountKeyWithResponse mocks base method.
+func (m *MockClientWithResponsesInterface) ServiceAccountsAPIUpdateServiceAccountKeyWithResponse(ctx context.Context, organizationId, serviceAccountId, keyId string, params *sdk.ServiceAccountsAPIUpdateServiceAccountKeyParams) (*sdk.ServiceAccountsAPIUpdateServiceAccountKeyResponse, error) {
+	m.ctrl.T.Helper()
+	ret := m.ctrl.Call(m, "ServiceAccountsAPIUpdateServiceAccountKeyWithResponse", ctx, organizationId, serviceAccountId, keyId, params)
+	ret0, _ := ret[0].(*sdk.ServiceAccountsAPIUpdateServiceAccountKeyResponse)
+	ret1, _ := ret[1].(error)
+	return ret0, ret1
+}
+
+// ServiceAccountsAPIUpdateServiceAccountKeyWithResponse indicates an expected call of ServiceAccountsAPIUpdateServiceAccountKeyWithResponse.
+func (mr *MockClientWithResponsesInterfaceMockRecorder) ServiceAccountsAPIUpdateServiceAccountKeyWithResponse(ctx, organizationId, serviceAccountId, keyId, params interface{}) *gomock.Call {
+	mr.mock.ctrl.T.Helper()
+	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ServiceAccountsAPIUpdateServiceAccountKeyWithResponse", reflect.TypeOf((*MockClientWithResponsesInterface)(nil).ServiceAccountsAPIUpdateServiceAccountKeyWithResponse), ctx, organizationId, serviceAccountId, keyId, params)
+}
+
+// ServiceAccountsAPIUpdateServiceAccountWithBodyWithResponse mocks base method.
+func (m *MockClientWithResponsesInterface) ServiceAccountsAPIUpdateServiceAccountWithBodyWithResponse(ctx context.Context, organizationId, serviceAccountId, contentType string, body io.Reader) (*sdk.ServiceAccountsAPIUpdateServiceAccountResponse, error) {
+	m.ctrl.T.Helper()
+	ret := m.ctrl.Call(m, "ServiceAccountsAPIUpdateServiceAccountWithBodyWithResponse", ctx, organizationId, serviceAccountId, contentType, body)
+	ret0, _ := ret[0].(*sdk.ServiceAccountsAPIUpdateServiceAccountResponse)
+	ret1, _ := ret[1].(error)
+	return ret0, ret1
+}
+
+// ServiceAccountsAPIUpdateServiceAccountWithBodyWithResponse indicates an expected call of ServiceAccountsAPIUpdateServiceAccountWithBodyWithResponse.
+func (mr *MockClientWithResponsesInterfaceMockRecorder) ServiceAccountsAPIUpdateServiceAccountWithBodyWithResponse(ctx, organizationId, serviceAccountId, contentType, body interface{}) *gomock.Call {
+	mr.mock.ctrl.T.Helper()
+	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ServiceAccountsAPIUpdateServiceAccountWithBodyWithResponse", reflect.TypeOf((*MockClientWithResponsesInterface)(nil).ServiceAccountsAPIUpdateServiceAccountWithBodyWithResponse), ctx, organizationId, serviceAccountId, contentType, body)
+}
+
+// ServiceAccountsAPIUpdateServiceAccountWithResponse mocks base method.
+func (m *MockClientWithResponsesInterface) ServiceAccountsAPIUpdateServiceAccountWithResponse(ctx context.Context, organizationId, serviceAccountId string, body sdk.ServiceAccountsAPIUpdateServiceAccountJSONRequestBody) (*sdk.ServiceAccountsAPIUpdateServiceAccountResponse, error) {
+	m.ctrl.T.Helper()
+	ret := m.ctrl.Call(m, "ServiceAccountsAPIUpdateServiceAccountWithResponse", ctx, organizationId, serviceAccountId, body)
+	ret0, _ := ret[0].(*sdk.ServiceAccountsAPIUpdateServiceAccountResponse)
+	ret1, _ := ret[1].(error)
+	return ret0, ret1
+}
+
+// ServiceAccountsAPIUpdateServiceAccountWithResponse indicates an expected call of ServiceAccountsAPIUpdateServiceAccountWithResponse.
+func (mr *MockClientWithResponsesInterfaceMockRecorder) ServiceAccountsAPIUpdateServiceAccountWithResponse(ctx, organizationId, serviceAccountId, body interface{}) *gomock.Call {
+	mr.mock.ctrl.T.Helper()
+	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ServiceAccountsAPIUpdateServiceAccountWithResponse", reflect.TypeOf((*MockClientWithResponsesInterface)(nil).ServiceAccountsAPIUpdateServiceAccountWithResponse), ctx, organizationId, serviceAccountId, body)
+}
+
 // UsersAPIAddUserToOrganizationWithBodyWithResponse mocks base method.
 func (m *MockClientWithResponsesInterface) UsersAPIAddUserToOrganizationWithBodyWithResponse(ctx context.Context, organizationId, contentType string, body io.Reader) (*sdk.UsersAPIAddUserToOrganizationResponse, error) {
 	m.ctrl.T.Helper()
diff --git a/castai/sdk/utils_response.go b/castai/sdk/utils_response.go
index 16a0058f..bdcaf39c 100644
--- a/castai/sdk/utils_response.go
+++ b/castai/sdk/utils_response.go
@@ -18,6 +18,10 @@ func CheckResponseNoContent(response Response, err error) error {
 	return checkResponse(response, err, http.StatusNoContent)
 }
 
+func CheckResponseCreated(response Response, err error) error {
+  return checkResponse(response, err, http.StatusCreated)
+}
+
 func StatusOk(resp Response) error {
 	return checkResponse(resp, nil, http.StatusOK)
 }
diff --git a/docs/resources/service_account.md b/docs/resources/service_account.md
new file mode 100644
index 00000000..c83f36f8
--- /dev/null
+++ b/docs/resources/service_account.md
@@ -0,0 +1,61 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "castai_service_account Resource - terraform-provider-castai"
+subcategory: ""
+description: |-
+  Service Account resource allows managing CAST AI service accounts.
+---
+
+# castai_service_account (Resource)
+
+Service Account resource allows managing CAST AI service accounts.
+
+## Example Usage
+
+```terraform
+resource "castai_service_account" "service_account" {
+  organization_id = organization.id
+  name            = "service-account-name"
+  description     = "service account description"
+}
+```
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `name` (String) Name of the service account.
+- `organization_id` (String) ID of the organization.
+
+### Optional
+
+- `description` (String) Description of the service account.
+- `timeouts` (Block, Optional) (see [below for nested schema](#nestedblock--timeouts))
+
+### Read-Only
+
+- `author` (List of Object) Author of the service account. (see [below for nested schema](#nestedatt--author))
+- `email` (String) Email of the service account.
+- `id` (String) The ID of this resource.
+
+<a id="nestedblock--timeouts"></a>
+### Nested Schema for `timeouts`
+
+Optional:
+
+- `create` (String)
+- `delete` (String)
+- `update` (String)
+
+
+<a id="nestedatt--author"></a>
+### Nested Schema for `author`
+
+Read-Only:
+
+- `email` (String)
+- `id` (String)
+- `kind` (String)
+
+
diff --git a/examples/resources/castai_service_account/resource.tf b/examples/resources/castai_service_account/resource.tf
new file mode 100644
index 00000000..5caf87f5
--- /dev/null
+++ b/examples/resources/castai_service_account/resource.tf
@@ -0,0 +1,5 @@
+resource "castai_service_account" "service_account" {
+  organization_id = organization.id
+  name            = "service-account-name"
+  description     = "service account description"
+}