diff --git a/.rubocop_todo/api/description_tags.yml b/.rubocop_todo/api/description_tags.yml
index dd3aaac4cc147e785a19d17a10ca6d720937e028..f2cdb3ca1fe35e3d34604c0ff7815ad82fc8a55b 100644
--- a/.rubocop_todo/api/description_tags.yml
+++ b/.rubocop_todo/api/description_tags.yml
@@ -27,7 +27,6 @@ API/DescriptionTags:
     - 'ee/lib/api/internal/ai/x_ray/scan.rb'
     - 'ee/lib/api/internal/search/zoekt.rb'
     - 'ee/lib/api/iterations.rb'
-    - 'ee/lib/api/manage/groups.rb'
     - 'ee/lib/api/project_google_cloud_integration.rb'
     - 'ee/lib/api/project_mirror.rb'
     - 'ee/lib/api/provider_identity.rb'
diff --git a/ee/lib/api/manage/groups.rb b/ee/lib/api/manage/groups.rb
index fae721e9a90b56e513594351b1ccda9434e9ae1b..25fc1ee240f57598663b94a85ba7847e8a05817e 100644
--- a/ee/lib/api/manage/groups.rb
+++ b/ee/lib/api/manage/groups.rb
@@ -61,6 +61,7 @@ def validate_bot_tokens(token, bot_resource)
 
           desc 'Get Personal access tokens' do
             detail 'This feature was introduced in GitLab 17.8.'
+            tags ['group_credentials_inventory']
           end
           get do
             tokens = PersonalAccessTokensFinder.new(
@@ -81,6 +82,7 @@ def validate_bot_tokens(token, bot_resource)
 
           desc 'Revoke a personal access token for the group' do
             detail 'Revoke a personal access token by using the ID of the personal access token.'
+            tags ['group_credentials_inventory']
             success code: 204
             failure [
               { code: 400, message: 'Bad Request' }
@@ -97,6 +99,7 @@ def validate_bot_tokens(token, bot_resource)
 
           desc 'Rotate personal access token' do
             detail 'Rotates a personal access token.'
+            tags ['group_credentials_inventory']
             success Entities::PersonalAccessTokenWithToken
           end
           params do
@@ -128,6 +131,7 @@ def validate_bot_tokens(token, bot_resource)
 
           desc 'Get resource access tokens' do
             detail 'This feature was introduced in GitLab 17.10.'
+            tags ['group_credentials_inventory']
           end
           # rubocop:disable CodeReuse/ActiveRecord -- Specific to this endpoint
           get do
@@ -143,6 +147,7 @@ def validate_bot_tokens(token, bot_resource)
 
           desc 'Revoke a resource access token for the group' do
             detail 'Revoke a resource access token by using the ID of the resource access token.'
+            tags ['group_credentials_inventory']
             success code: 204
             failure [
               { code: 400, message: 'Bad Request' }
@@ -167,6 +172,7 @@ def validate_bot_tokens(token, bot_resource)
 
           desc 'Rotate a resource access token for the group' do
             detail 'Rotate a resource access token by using the ID of the resource access token.'
+            tags ['group_credentials_inventory']
             success code: 204
             failure [
               { code: 400, message: 'Bad Request' }
@@ -208,6 +214,7 @@ def validate_bot_tokens(token, bot_resource)
 
           desc "Get the ssh_keys for the user belonging to group" do
             detail 'This feature was introduced in GitLab 17.9.'
+            tags ['group_credentials_inventory']
             success Entities::SshKeyWithUserId
           end
           get feature_category: :system_access do
@@ -218,6 +225,7 @@ def validate_bot_tokens(token, bot_resource)
 
           desc 'Delete an existing SSH key' do
             detail 'Delete an existing SSH key by using the ID of the key.'
+            tags ['group_credentials_inventory']
             success code: 204
             failure [
               { code: 400, message: 'Bad Request' }