[[secure-reporting]] === Reporting and Security Reporting operates by creating and updating documents in Elasticsearch in response to user actions in Kibana. To use Reporting with {security} enabled, you need to <>. If you are automatically generating reports with <>, you also need to configure {watcher} to trust the Kibana server's certificate. //TO-DO: Add link: //For more information, see {kibana-ref}/securing-reporting.html[Securing Reporting]. [[reporting-app-users]] To enable users to generate reports, assign them the built in `reporting_user` and `kibana_user` roles: * If you're using the `native` realm, you can assign roles through **Management / Users** UI in Kibana or with the `user` API. For example, the following request creates a `reporter` user that has the `reporting_user` and `kibana_user` roles: + [source, sh] --------------------------------------------------------------- POST /_xpack/security/user/reporter { "password" : "x-pack-test-password", "roles" : ["kibana_user", "reporting_user"], "full_name" : "Reporting User" } --------------------------------------------------------------- * If you are using an LDAP or Active Directory realm, you can either assign roles on a per user basis, or assign roles to groups of users. By default, role mappings are configured in <>. For example, the following snippet assigns the user named Bill Murray the `kibana_user` and `reporting_user` roles: + [source,yaml] -------------------------------------------------------------------------------- kibana_user: - "cn=Bill Murray,dc=example,dc=com" reporting_user: - "cn=Bill Murray,dc=example,dc=com" --------------------------------------------------------------------------------