Updates warning about editing rules using API authentication

docs/detections/api/rules/rules-api-bulk-actions.asciidoc

@@ -12,7 +12,7 @@ You can bulk create, update, and delete rules.
 
 IMPORTANT: This API has been deprecated since version 8.2, and is scheduled for end of life in Q4 2023. Please use the <<bulk-actions-rules-api-action, bulk action API>> instead.
 
-WARNING: This API supports {kibana-ref}/api.html#token-api-authentication[Token-based authentication] only.
+WARNING: When used with {kibana-ref}/api-keys.html[API key] authentication, the user's key will be assigned to the affected rules. If the user's key gets deleted or the user becomes inactive, the rules will stop running.
 
 Creates new rules.
 
@@ -145,7 +145,7 @@ A JSON array containing the deleted rules.
 
 IMPORTANT: This API has been deprecated since version 8.2, and is scheduled for end of life in Q4 2023. Please use the <<bulk-actions-rules-api-action, bulk action API>> instead.
 
-WARNING: This API supports {kibana-ref}/api.html#token-api-authentication[Token-based authentication] only.
+WARNING: When used with {kibana-ref}/api-keys.html[API key] authentication, the user's key will be assigned to the affected rules. If the user's key gets deleted or the user becomes inactive, the rules will stop running.
 
 Updates multiple rules.
 
@@ -228,6 +228,8 @@ A JSON array containing the updated rules.
 [[bulk-actions-rules-api-action]]
 ==== Bulk action
 
+WARNING: When used with {kibana-ref}/api-keys.html[API key] authentication, the user's key will be assigned to the affected rules. If the user's key gets deleted or the user becomes inactive, the rules will stop running.
+
 Applies a bulk action to multiple rules. The bulk action is applied to all rules that match the filter or to the list of rules by their IDs.
 
 [discrete]

docs/detections/api/rules/rules-api-create.asciidoc

@@ -6,7 +6,7 @@
 :frontmatter-tags-content-type: [reference]
 :frontmatter-tags-user-goals: [manage]
 
-WARNING: This API supports {kibana-ref}/api.html#token-api-authentication[Token-based authentication] only.
+WARNING: When used with {kibana-ref}/api-keys.html[API key] authentication, the user's key will be assigned to the affected rules. If the user's key gets deleted or the user becomes inactive, the rules will stop running.
 
 Creates a new detection rule.
 

docs/detections/api/rules/rules-api-import.asciidoc

@@ -6,7 +6,7 @@ Imports rules from an `.ndjson` file. The following configuration items are also
 * Actions
 * Exception lists
 
-NOTE: This API supports {kibana-ref}/api.html#token-api-authentication[Token-based authentication] only.
+WARNING: When used with {kibana-ref}/api-keys.html[API key] authentication, the user's key will be assigned to the affected rules. If the user's key gets deleted or the user becomes inactive, the rules will stop running.
 
 NOTE: To import rules with actions, you need at least `Read` privileges for the `Action and Connectors` feature. To overwrite or add new connectors, you need `All` privileges for the `Actions and Connectors` feature. To import rules without actions,  you don't need `Actions and Connectors` privileges. Refer to <<enable-detections-ui>> for more information.
 

docs/detections/api/rules/rules-api-overview.asciidoc

@@ -31,6 +31,18 @@ the status of Elastic <<prebuilt-rules, prebuilt rules>>
 TIP: You can view and download a Detections API Postman collection
 https://github.com/elastic/examples/tree/master/Security%20Analytics/SIEM-examples/Detections-API[here].
 
+[float]
+=== Authentication
+This API supports both key- and token-based authentication.
+
+To use key-based authentication, create an {kibana-ref}/api-keys.html[API key], then specify the key in the header of your API calls.
+
+To use token-based authentication, provide a username and password; an API key that matches the current privileges of the user is created automatically.
+
+In both cases, the API key is subsequently used for authorization when the rule runs.
+
+NOTE: If the API key has different privileges than the key that created or most recently updated the rule, the rule behavior might change.
+
 [float]
 === Kibana role requirements
 

docs/detections/api/rules/rules-api-update.asciidoc

@@ -1,7 +1,7 @@
 [[rules-api-update]]
 === Update rule
 
-WARNING: This API supports {kibana-ref}/api.html#token-api-authentication[Token-based authentication] only.
+WARNING: When used with {kibana-ref}/api-keys.html[API key] authentication, the user's key will be assigned to the affected rules. If the user's key gets deleted or the user becomes inactive, the rules will stop running.
 
 Updates an existing detection rule.