[DOCS][ResponseOps][Alerting][9.1]: Add breaking change to CCS-based reporting to 9.1 Kibana release notes (#245183)

nastasha-solomon · web-flow · commit a7a6130042f4 · 2025-12-04T16:49:32.000Z
## Summary Contributes to http://github.com/elastic/docs-content-internal/issues/514 by documenting the breaking change to CCS-based reporting in the 9.1 Kibana release notes. Also took this opportunity to remove the `%` char from some breaking change descriptions (it was commenting out lines). ### Corresponding fixes - 8.19 reporting docs and Kibana release notes: #245182 - 9.1 reporting docs: elastic/docs-content#4211 ## Previews - [9.1](https://docs-v3-preview.elastic.dev/elastic/kibana/pull/245183/release-notes/breaking-changes#kibana-9.1.0-breaking-changes) - see the second item in the section
diff --git a/docs/release-notes/breaking-changes.md b/docs/release-notes/breaking-changes.md
@@ -39,19 +39,30 @@ If you are migrating from a version prior to version 9.0, you must first upgrade
 ## 9.2.0 [kibana-9.2.0-breaking-changes]
 $$$kibana-230067$$$
 ::::{dropdown} Improved advanced settings management APIs privilege checks 
-% **Details**<br> Roles with explicit `read` access to advanced settings but `all` access to `SavedObjectManagement` can no longer update settings using the internal advanced settings API. This update enforces explicit privileges instead of relying on saved object security checks.
+**Details**<br> Roles with explicit `read` access to advanced settings but `all` access to `SavedObjectManagement` can no longer update settings using the internal advanced settings API. This update enforces explicit privileges instead of relying on saved object security checks.
 View [#230067]({{kib-pull}}230067).
 ::::
 
 ## 9.1.0 [kibana-9.1.0-breaking-changes]
 $$$kibana-213916$$$
 ::::{dropdown} Change to variable syntax in {{esql}} queries
 
-% **Details**<br> Fields and functions variables are now described with `??` in {{esql}} queries. For value variables, you can continue to use `?`. 
+**Details**<br> Fields and functions variables are now described with `??` in {{esql}} queries. For value variables, you can continue to use `?`. 
 
 View [#213916]({{kib-pull}}213916).
 ::::
 
+$$$kibana-216558$$$
+::::{dropdown} API keys are used for authenticating report generation requests
+
+**Details**<br> In 9.1.0, report generation requests are authenticated by API keys instead of session cookies. There are several key differences between the authentication methods. API keys capture your role privileges, whereas session cookie are based on your user credentials. API keys are also longer-lived, compared to session cookies, which have a shorter lifespan.
+
+
+If you have a cross-cluster search environment and want to generate reports from remote clusters, you must have the appropriate cluster and index privileges on the remote cluster and local cluster. For example, if requests are authenticated with an API key, the API key requires certain privileges on the local cluster that contains the local index, in addition to the remote. For more information and examples, refer to [Configure roles and users for remote clusters](docs-content://deploy-manage/remote-clusters/remote-clusters-cert.md#remote-clusters-privileges-cert).
+
+View [#216558]({{kib-pull}}216558).
+::::
+
 ## 9.0.0 [kibana-900-breaking-changes]
 $$$kibana-193792$$$
 :::{dropdown} Access to {{kib}}'s internal APIs is blocked
