Correct the documentation for create_doc privilege (#49354)

The documentation was added in #47584 but those docs did not reflect the up-to-date behavior of the feature.

Backport of: #47784

Author: tvernum

docs/reference/docs/index_.asciidoc

@@ -45,7 +45,8 @@ include::{docdir}/rest-api/common-parms.asciidoc[tag=if_primary_term]
 (Optional, enum) Set to `create` to only index the document
 if it does not already exist (_put if absent_). If a document with the specified
 `_id` already exists, the indexing operation will fail. Same as using the
-`<index>/_create` endpoint. Valid values: `index`, `create`. Default: `index`.
+`<index>/_create` endpoint. Valid values: `index`, `create`.
+If document id is specified, it defaults to `index`. Otherwise, it defaults to `create`.
 
 include::{docdir}/rest-api/common-parms.asciidoc[tag=pipeline]
 

x-pack/docs/en/security/authorization/privileges.asciidoc

@@ -164,10 +164,18 @@ Privilege to index documents. Also grants access to the update mapping action.
 However, it does not enable a user to update existing documents.
 +
 --
-NOTE: When indexing documents with an external `_id` either via the index API or
-the bulk API, the request must use `op_type` as `create`. If `_id`s are
-generated automatically, the authorization happens as if the `op_type` is set to
-`create`.
+[NOTE]
+====
+
+This privilege relies on the `op_type` of indexing requests (<<docs-index_>> and
+<<docs-bulk>>). When ingesting documents as a user who has the `create_doc`
+privilege (and no higher privilege such as `index` or `write`), you must ensure that
+'op_type' is set to 'create' through one of the following:
+
+* Explicitly setting the `op_type` in the index or bulk APIs
+* Using the `_create` endpoint for the index API
+* Creating a document with an auto-generated `_id`
+====
 
 --