diff --git a/bwc-test/src/test/java/org/opensearch/security/bwc/SecurityBackwardsCompatibilityIT.java b/bwc-test/src/test/java/org/opensearch/security/bwc/SecurityBackwardsCompatibilityIT.java
index 6aa7e24949..1a72eb7d7c 100644
--- a/bwc-test/src/test/java/org/opensearch/security/bwc/SecurityBackwardsCompatibilityIT.java
+++ b/bwc-test/src/test/java/org/opensearch/security/bwc/SecurityBackwardsCompatibilityIT.java
@@ -23,6 +23,8 @@
 import org.apache.http.auth.UsernamePasswordCredentials;
 import org.apache.http.client.CredentialsProvider;
 import org.apache.http.conn.ssl.NoopHostnameVerifier;
+import org.apache.http.entity.ContentType;
+import org.apache.http.entity.StringEntity;
 import org.apache.http.impl.client.BasicCredentialsProvider;
 import org.apache.http.message.BasicHeader;
 import org.apache.http.ssl.SSLContextBuilder;
@@ -39,10 +41,10 @@
 import org.opensearch.common.settings.Settings;
 import org.opensearch.common.util.concurrent.ThreadContext;
 import org.opensearch.common.util.io.IOUtils;
+import org.opensearch.common.xcontent.support.XContentMapValues;
 import org.opensearch.security.bwc.helper.RestHelper;
 import org.opensearch.test.rest.OpenSearchRestTestCase;
 
-import static org.hamcrest.MatcherAssert.assertThat;
 import static org.hamcrest.Matchers.anyOf;
 import static org.hamcrest.Matchers.equalTo;
 import static org.hamcrest.Matchers.hasItem;
@@ -224,15 +226,21 @@ private void ingestData(String index) throws IOException {
                     }
                 });
                 bulkRequestBody.append(objectMapper.writeValueAsString(indexRequest) + "\n");
-                bulkRequestBody.append(objectMapper.writeValueAsString(Song.randomSong().asJson()) + "\n");
+                bulkRequestBody.append(Song.randomSong().asJson() + "\n");
             }
             List<Response> responses = RestHelper.requestAgainstAllNodes(
                 testUserRestClient,
                 "POST",
                 "_bulk?refresh=wait_for",
-                RestHelper.toHttpEntity(bulkRequestBody.toString())
+                new StringEntity(bulkRequestBody.toString(), ContentType.APPLICATION_JSON)
             );
             responses.forEach(r -> assertThat(r.getStatusLine().getStatusCode(), is(200)));
+            for (Response response : responses) {
+                Map<String, Object> responseMap = responseAsMap(response);
+                List<?> itemResults = (List<?>) XContentMapValues.extractValue(responseMap, "items", "index", "result");
+                assertTrue("More than 0 response items", itemResults.size() > 0);
+                assertTrue("All results are 'created': " + itemResults, itemResults.stream().allMatch(i -> i.equals("created")));
+            }
         }
     }
 
@@ -251,6 +259,25 @@ private void searchMatchAll(String index) throws IOException {
                 RestHelper.toHttpEntity(matchAllQuery)
             );
             responses.forEach(r -> assertThat(r.getStatusLine().getStatusCode(), is(200)));
+
+            for (Response response : responses) {
+                Map<String, Object> responseMap = responseAsMap(response);
+                @SuppressWarnings("unchecked")
+                List<Map<?, ?>> sourceDocs = (List<Map<?, ?>>) XContentMapValues.extractValue(responseMap, "hits", "hits", "_source");
+
+                for (Map<?, ?> sourceDoc : sourceDocs) {
+                    assertNull("response doc should not contain field forbidden by FLS: " + responseMap, sourceDoc.get(Song.FIELD_LYRICS));
+                    assertNotNull(
+                        "response doc should contain field not forbidden by FLS: " + responseMap,
+                        sourceDoc.get(Song.FIELD_ARTIST)
+                    );
+                    assertEquals(
+                        "response doc should always have genre rock: " + responseMap,
+                        Song.GENRE_ROCK,
+                        sourceDoc.get(Song.FIELD_GENRE)
+                    );
+                }
+            }
         }
     }
 
diff --git a/bwc-test/src/test/java/org/opensearch/security/bwc/Song.java b/bwc-test/src/test/java/org/opensearch/security/bwc/Song.java
index f60d5f0fcb..ff7b8d9f87 100644
--- a/bwc-test/src/test/java/org/opensearch/security/bwc/Song.java
+++ b/bwc-test/src/test/java/org/opensearch/security/bwc/Song.java
@@ -52,6 +52,8 @@ public class Song {
     public static final String GENRE_JAZZ = "jazz";
     public static final String GENRE_BLUES = "blues";
 
+    public static final String[] GENRES = new String[] { GENRE_BLUES, GENRE_JAZZ, GENRE_ROCK };
+
     public static final String QUERY_TITLE_NEXT_SONG = FIELD_TITLE + ":" + "\"" + TITLE_NEXT_SONG + "\"";
     public static final String QUERY_TITLE_POISON = FIELD_TITLE + ":" + TITLE_POISON;
     public static final String QUERY_TITLE_MAGNUM_OPUS = FIELD_TITLE + ":" + TITLE_MAGNUM_OPUS;
@@ -112,7 +114,11 @@ public static Song randomSong() {
             UUID.randomUUID().toString(),
             UUID.randomUUID().toString(),
             Randomness.get().nextInt(5),
-            UUID.randomUUID().toString()
+            randomGenre()
         );
     }
+
+    static String randomGenre() {
+        return GENRES[Randomness.get().nextInt(GENRES.length)];
+    }
 }