diff --git a/scopes/scopes.go b/scopes/scopes.go
index c0ce68f..2917a24 100644
--- a/scopes/scopes.go
+++ b/scopes/scopes.go
@@ -118,6 +118,7 @@ var (
 		PermissionEnterprisePortalSubscription,
 		PermissionEnterprisePortalSubscriptionPermission,
 		PermissionEnterprisePortalCodyAccess,
+		PermissionEnterprisePortalMetering,
 	}
 	workspacesPermissions = []Permission{
 		"workspace",
@@ -152,6 +153,10 @@ const (
 	// PermissionEnterprisePortalCodyAccess designates permissions for Enterprise
 	// Cody Access for managed Cody features.
 	PermissionEnterprisePortalCodyAccess Permission = "codyaccess"
+
+	// PermissionEnterprisePortalMetering designates permissions for Deep Search
+	// quota management and metering functionality.
+	PermissionEnterprisePortalMetering Permission = "metering"
 )
 
 // Allowed returns all allowed scopes for a client. The caller should use
diff --git a/scopes/scopes_test.go b/scopes/scopes_test.go
index d76278e..0037b9d 100644
--- a/scopes/scopes_test.go
+++ b/scopes/scopes_test.go
@@ -75,6 +75,9 @@ func TestAllowedGoldenList(t *testing.T) {
 		Scope("enterprise_portal::codyaccess::read"),
 		Scope("enterprise_portal::codyaccess::write"),
 		Scope("enterprise_portal::codyaccess::delete"),
+		Scope("enterprise_portal::metering::read"),
+		Scope("enterprise_portal::metering::write"),
+		Scope("enterprise_portal::metering::delete"),
 		Scope("mail_gatekeeper::emails::read"),
 		Scope("mail_gatekeeper::emails::write"),
 		Scope("mail_gatekeeper::emails::delete"),