[ResponseOps] add docs for new API key functionality #154580

Closed
pmuellr opened this issue Apr 6, 2023 · 3 comments · Fixed by #158428
Labels: docs; Feature:Alerting/RulesFramework (Issues related to the Alerting Rules Framework); Team:ResponseOps (Label for the ResponseOps team, formerly the Cases and Alerting teams)

Comments

pmuellr (Member) commented Apr 6, 2023

PR Allow users authenticated with an API keys to manage alerting rules #154189 adds a new twist to our API key usage.

Today, for cases where APIs are used that create API keys (for instance, creating or updating a rule), if the request to make the change was authenticated with an API key, we would fail the request. Long story, but basically ES will not allow API keys to be created if you authenticate with an API key.

The change is that, now, if you use an API key in a case that would fail earlier, we now actually use the API key passed into the request, as the new API key for the rule. Whereas WE always created the API keys before, now we will have a MIX of API keys that WE created and the USER created.

This ends up affecting things like the way we invalidate API keys when rules are deleted. We DO NOT delete API keys if they are a USER created key, only the keys that WE created.

I think the relevant doc we need to change is here: https://www.elastic.co/guide/en/kibana/current/alerting-setup.html#alerting-authorization, but there may be more.

pmuellr added the Team:ResponseOps, docs and Feature:Alerting/RulesFramework labels Apr 6, 2023
elasticmachine (Contributor) commented

Pinging @elastic/response-ops (Team:ResponseOps)

lcawl (Contributor) commented Apr 6, 2023

Per #154189, .. the [create rule] request returns a rule with "api_key_created_by_user":true, so the open API specifications will need to be updated to include that property too. Fixed in #158018

lcawl (Contributor) commented May 24, 2023

Per https://www.elastic.co/guide/en/security/master/rules-api-create.html, the create detection rule API supports token-based authentication only. Therefore, I'm assuming that the Security Guide's alerting authorization details in https://www.elastic.co/guide/en/security/master/detections-permissions-section.html#alerting-auth-model are unchanged. If that's an incorrect assumption, please let me know. Thanks!
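
A minimal TypeScript model of the key lifecycle pmuellr describes and of the `api_key_created_by_user` flag lcawl mentions, added here as an example and not taken from Kibana or from the thread. `RuleStore`, `Auth`, `remove`, `userKeysInUse` and the key ids are hypothetical, constructed names; only the `api_key_created_by_user` property comes from the thread.

```typescript
// Illustrative model only; not Kibana source. Names are hypothetical except the
// api_key_created_by_user property quoted in the thread.
type Auth = { kind: "session"; user: string } | { kind: "apiKey"; keyId: string };

interface Rule {
  id: string;
  api_key_id: string;
  api_key_created_by_user: boolean;
}

class RuleStore {
  private rules: Record<string, Rule> = {};
  private nextKey = 1;
  readonly invalidated: string[] = []; // key ids queued for invalidation

  // A request authenticated with an API key reuses that key for the rule;
  // any other request gets a freshly minted system key (constructed id).
  create(id: string, auth: Auth): Rule {
    const rule: Rule =
      auth.kind === "apiKey"
        ? { id: id, api_key_id: auth.keyId, api_key_created_by_user: true }
        : { id: id, api_key_id: "system-key-" + this.nextKey++, api_key_created_by_user: false };
    this.rules[id] = rule;
    return rule;
  }

  // Only system-created keys are invalidated on delete. Returns the id of a
  // user-created key that stays valid and is left to its owner, else null.
  remove(id: string): string | null {
    const rule = this.rules[id];
    if (!rule) throw new Error("no such rule: " + id);
    delete this.rules[id];
    if (rule.api_key_created_by_user) return rule.api_key_id;
    this.invalidated.push(rule.api_key_id);
    return null;
  }

  // Audit helper: user-created keys still backing a rule.
  userKeysInUse(): string[] {
    return Object.keys(this.rules)
      .map((k) => this.rules[k])
      .filter((r) => r.api_key_created_by_user)
      .map((r) => r.api_key_id);
  }
}
```

In this model, the value returned by `remove` is the key that outlives the rule, which is the case the documentation change has to make visible to the key's owner.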
