diff --git a/server/src/main/java/org/elasticsearch/action/search/SearchRequest.java b/server/src/main/java/org/elasticsearch/action/search/SearchRequest.java
index 7ac8c4d5299d4..b1438030e3eed 100644
--- a/server/src/main/java/org/elasticsearch/action/search/SearchRequest.java
+++ b/server/src/main/java/org/elasticsearch/action/search/SearchRequest.java
@@ -407,6 +407,21 @@ public ActionRequestValidationException validate() {
             if (scroll) {
                 validationException = addValidationError("using [point in time] is not allowed in a scroll context", validationException);
             }
+            if (indices().length > 0) {
+                validationException = addValidationError(
+                    "[indices] cannot be used with point in time. Do not specify any index with point in time.",
+                    validationException
+                );
+            }
+            if (indicesOptions().equals(DEFAULT_INDICES_OPTIONS) == false) {
+                validationException = addValidationError("[indicesOptions] cannot be used with point in time", validationException);
+            }
+            if (routing() != null) {
+                validationException = addValidationError("[routing] cannot be used with point in time", validationException);
+            }
+            if (preference() != null) {
+                validationException = addValidationError("[preference] cannot be used with point in time", validationException);
+            }
         } else if (source != null && source.sorts() != null) {
             for (SortBuilder<?> sortBuilder : source.sorts()) {
                 if (sortBuilder instanceof FieldSortBuilder
@@ -815,7 +830,7 @@ public SearchRequest rewrite(QueryRewriteContext ctx) throws IOException {
         // add a sort tiebreaker for PIT search requests if not explicitly set
         Object[] searchAfter = source.searchAfter();
         if (source.pointInTimeBuilder() != null && source.sorts() != null && source.sorts().isEmpty() == false
-        // skip the tiebreaker if it is not provided in the search after values
+            // skip the tiebreaker if it is not provided in the search after values
             && (searchAfter == null || searchAfter.length == source.sorts().size() + 1)) {
             SortBuilder<?> lastSort = source.sorts().get(source.sorts().size() - 1);
             if (lastSort instanceof FieldSortBuilder == false
diff --git a/server/src/main/java/org/elasticsearch/rest/action/search/RestSearchAction.java b/server/src/main/java/org/elasticsearch/rest/action/search/RestSearchAction.java
index d8749f5e0fdb6..711aec182525e 100644
--- a/server/src/main/java/org/elasticsearch/rest/action/search/RestSearchAction.java
+++ b/server/src/main/java/org/elasticsearch/rest/action/search/RestSearchAction.java
@@ -11,7 +11,6 @@
 import org.elasticsearch.ExceptionsHelper;
 import org.elasticsearch.Version;
 import org.elasticsearch.action.ActionRequestValidationException;
-import org.elasticsearch.action.search.SearchContextId;
 import org.elasticsearch.action.search.SearchRequest;
 import org.elasticsearch.action.search.TransportSearchAction;
 import org.elasticsearch.action.support.IndicesOptions;
@@ -50,7 +49,6 @@
 import java.util.function.IntConsumer;
 
 import static org.elasticsearch.action.ValidateActions.addValidationError;
-import static org.elasticsearch.action.search.SearchRequest.DEFAULT_INDICES_OPTIONS;
 import static org.elasticsearch.core.TimeValue.parseTimeValue;
 import static org.elasticsearch.rest.RestRequest.Method.GET;
 import static org.elasticsearch.rest.RestRequest.Method.POST;
@@ -376,41 +374,11 @@ static SuggestBuilder parseSuggestUrlParameters(RestRequest request) {
     static void preparePointInTime(SearchRequest request, RestRequest restRequest) {
         assert request.pointInTimeBuilder() != null;
         ActionRequestValidationException validationException = null;
-        if (request.indices().length > 0) {
-            validationException = addValidationError(
-                "[indices] cannot be used with point in time. Do not specify any index with point in time.",
-                validationException
-            );
-        }
-        if (request.indicesOptions().equals(DEFAULT_INDICES_OPTIONS) == false) {
-            validationException = addValidationError("[indicesOptions] cannot be used with point in time", validationException);
-        }
-        if (request.routing() != null) {
-            validationException = addValidationError("[routing] cannot be used with point in time", validationException);
-        }
-        if (request.preference() != null) {
-            validationException = addValidationError("[preference] cannot be used with point in time", validationException);
-        }
         if (restRequest.paramAsBoolean("ccs_minimize_roundtrips", false)) {
             validationException = addValidationError("[ccs_minimize_roundtrips] cannot be used with point in time", validationException);
             request.setCcsMinimizeRoundtrips(false);
         }
         ExceptionsHelper.reThrowIfNotNull(validationException);
-
-        final IndicesOptions indicesOptions = request.indicesOptions();
-        final IndicesOptions stricterIndicesOptions = IndicesOptions.fromOptions(
-            indicesOptions.ignoreUnavailable(),
-            indicesOptions.allowNoIndices(),
-            false,
-            false,
-            false,
-            true,
-            true,
-            indicesOptions.ignoreThrottled()
-        );
-        request.indicesOptions(stricterIndicesOptions);
-        var indices = SearchContextId.decodeIndices(request.pointInTimeBuilder().getEncodedId());
-        request.indices(indices);
     }
 
     /**
diff --git a/server/src/test/java/org/elasticsearch/action/search/SearchRequestTests.java b/server/src/test/java/org/elasticsearch/action/search/SearchRequestTests.java
index 0c8496081ff19..56c0feb9b77d3 100644
--- a/server/src/test/java/org/elasticsearch/action/search/SearchRequestTests.java
+++ b/server/src/test/java/org/elasticsearch/action/search/SearchRequestTests.java
@@ -457,6 +457,43 @@ public void testValidate() throws IOException {
             assertEquals(1, validationErrors.validationErrors().size());
             assertEquals("[rank] requires [explain] is [false]", validationErrors.validationErrors().get(0));
         }
+        {
+            SearchRequest searchRequest = new SearchRequest("test").source(
+                    new SearchSourceBuilder()
+                            .pointInTimeBuilder(new PointInTimeBuilder(""))
+            );
+            ActionRequestValidationException validationErrors = searchRequest.validate();
+            assertNotNull(validationErrors);
+            assertEquals(1, validationErrors.validationErrors().size());
+            assertEquals("[indices] cannot be used with point in time. Do not specify any index with point in time.", validationErrors.validationErrors().get(0));
+        }
+        {
+            SearchRequest searchRequest = new SearchRequest().indicesOptions(IndicesOptions.LENIENT_EXPAND_OPEN_CLOSED)
+                    .source(new SearchSourceBuilder().pointInTimeBuilder(new PointInTimeBuilder(""))
+            );
+            ActionRequestValidationException validationErrors = searchRequest.validate();
+            assertNotNull(validationErrors);
+            assertEquals(1, validationErrors.validationErrors().size());
+            assertEquals("[indicesOptions] cannot be used with point in time", validationErrors.validationErrors().get(0));
+        }
+        {
+            SearchRequest searchRequest = new SearchRequest().routing("route1")
+                    .source(new SearchSourceBuilder().pointInTimeBuilder(new PointInTimeBuilder(""))
+                    );
+            ActionRequestValidationException validationErrors = searchRequest.validate();
+            assertNotNull(validationErrors);
+            assertEquals(1, validationErrors.validationErrors().size());
+            assertEquals("[routing] cannot be used with point in time", validationErrors.validationErrors().get(0));
+        }
+        {
+            SearchRequest searchRequest = new SearchRequest().preference("pref1")
+                    .source(new SearchSourceBuilder().pointInTimeBuilder(new PointInTimeBuilder(""))
+                    );
+            ActionRequestValidationException validationErrors = searchRequest.validate();
+            assertNotNull(validationErrors);
+            assertEquals(1, validationErrors.validationErrors().size());
+            assertEquals("[preference] cannot be used with point in time", validationErrors.validationErrors().get(0));
+        }
     }
 
     public void testCopyConstructor() throws IOException {
diff --git a/x-pack/plugin/eql/src/main/java/org/elasticsearch/xpack/eql/execution/search/PITAwareQueryClient.java b/x-pack/plugin/eql/src/main/java/org/elasticsearch/xpack/eql/execution/search/PITAwareQueryClient.java
index 707964a93ab9e..a2627c4671060 100644
--- a/x-pack/plugin/eql/src/main/java/org/elasticsearch/xpack/eql/execution/search/PITAwareQueryClient.java
+++ b/x-pack/plugin/eql/src/main/java/org/elasticsearch/xpack/eql/execution/search/PITAwareQueryClient.java
@@ -98,6 +98,7 @@ private void searchWithPIT(MultiSearchRequest search, ActionListener<MultiSearch
     }
 
     private void makeRequestPITCompatible(SearchRequest request) {
+        request.indicesOptions(SearchRequest.DEFAULT_INDICES_OPTIONS);
         SearchSourceBuilder source = request.source();
         // don't increase the keep alive
         source.pointInTimeBuilder(new PointInTimeBuilder(pitId));
diff --git a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/AuthorizationService.java b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/AuthorizationService.java
index bcb294c253ab3..3a1f9800dfdc4 100644
--- a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/AuthorizationService.java
+++ b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/AuthorizationService.java
@@ -25,7 +25,6 @@
 import org.elasticsearch.action.datastreams.MigrateToDataStreamAction;
 import org.elasticsearch.action.delete.DeleteAction;
 import org.elasticsearch.action.index.IndexAction;
-import org.elasticsearch.action.search.SearchContextId;
 import org.elasticsearch.action.search.SearchRequest;
 import org.elasticsearch.action.support.GroupedActionListener;
 import org.elasticsearch.action.support.replication.TransportReplicationAction.ConcreteShardRequest;
@@ -86,7 +85,6 @@
 import org.elasticsearch.xpack.security.authz.store.CompositeRolesStore;
 import org.elasticsearch.xpack.security.operator.OperatorPrivileges.OperatorPrivilegesService;
 
-import java.util.Arrays;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.Collections;
@@ -472,28 +470,13 @@ private void authorizeAction(
                 l.onResponse(result);
             }));
         } else if (isIndexAction(action)) {
-            if (request instanceof SearchRequest searchRequest && searchRequest.pointInTimeBuilder() != null) {
-                /**
-                 * We override the {@link SearchRequest#indices} with the PIT's indices for the authorization check.
-                 * Although this copy also occurs in the rest layer, we cannot rely on it, as the action might be executed
-                 * directly in the transport client.
-                 * For backward compatibility reasons, we refrain from failing the request if {@link SearchRequest#indices}
-                 * is non-empty. Instead, we verify that the indices match the PIT definition and deny access if they don't.
-                 */
-                var indices = SearchContextId.decodeIndices(searchRequest.pointInTimeBuilder().getEncodedId());
-                if (searchRequest.indices().length > 0 && Arrays.equals(searchRequest.indices(), indices) == false) {
-                    IllegalArgumentException cause = new IllegalArgumentException(
-                        "indices defined in the [pit] don't match the request's indices"
-                    );
-                    auditTrail.accessDenied(requestId, authentication, action, request, authzInfo);
-                    listener.onFailure(actionDenied(authentication, authzInfo, action, request, cause));
-                    return;
-                }
-                searchRequest.indices(indices);
-            }
-            logger.info("request resolved=" + request.getClass().getSimpleName());
             final Metadata metadata = clusterService.state().metadata();
             final AsyncSupplier<ResolvedIndices> resolvedIndicesAsyncSupplier = new CachingAsyncSupplier<>(resolvedIndicesListener -> {
+                if (request instanceof SearchRequest searchRequest && searchRequest.pointInTimeBuilder() != null) {
+                    var resolvedIndices = indicesAndAliasesResolver.resolvePITIndices(searchRequest);
+                    resolvedIndicesListener.onResponse(resolvedIndices);
+                    return;
+                }
                 final ResolvedIndices resolvedIndices = IndicesAndAliasesResolver.tryResolveWithoutWildcards(action, request);
                 if (resolvedIndices != null) {
                     resolvedIndicesListener.onResponse(resolvedIndices);
diff --git a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/IndicesAndAliasesResolver.java b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/IndicesAndAliasesResolver.java
index 16258e71e85b8..a4163b6f10fc0 100644
--- a/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/IndicesAndAliasesResolver.java
+++ b/x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authz/IndicesAndAliasesResolver.java
@@ -11,6 +11,8 @@
 import org.elasticsearch.action.admin.indices.alias.IndicesAliasesRequest;
 import org.elasticsearch.action.admin.indices.alias.get.GetAliasesRequest;
 import org.elasticsearch.action.admin.indices.mapping.put.PutMappingRequest;
+import org.elasticsearch.action.search.SearchContextId;
+import org.elasticsearch.action.search.SearchRequest;
 import org.elasticsearch.action.support.IndicesOptions;
 import org.elasticsearch.cluster.metadata.AliasMetadata;
 import org.elasticsearch.cluster.metadata.IndexAbstraction;
@@ -176,6 +178,24 @@ static ResolvedIndices resolveIndicesAndAliasesWithoutWildcards(String action, I
         return new ResolvedIndices(localIndices, List.of());
     }
 
+    /**
+     * Returns the resolved indices from the {@link SearchContextId} within the provided {@link SearchRequest}.
+     */
+    ResolvedIndices resolvePITIndices(SearchRequest request) {
+        assert request.pointInTimeBuilder() != null;
+        var indices = SearchContextId.decodeIndices(request.pointInTimeBuilder().getEncodedId());
+        final ResolvedIndices split;
+        if (request.allowsRemoteIndices()) {
+            split = remoteClusterResolver.splitLocalAndRemoteIndexNames(indices);
+        } else {
+            split = new ResolvedIndices(Arrays.asList(indices), Collections.emptyList());
+        }
+        if (split.isEmpty()) {
+            return new ResolvedIndices(List.of(NO_INDEX_PLACEHOLDER), Collections.emptyList());
+        }
+        return split;
+    }
+
     private static void throwOnUnexpectedWildcards(String action, String[] indices) {
         final List<String> wildcards = Stream.of(indices).filter(Regex::isSimpleMatchPattern).toList();
         assert wildcards.isEmpty() == false : "we already know that there's at least one wildcard in the indices";
diff --git a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authz/AuthorizationServiceTests.java b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authz/AuthorizationServiceTests.java
index 1911a3f25a880..df03f2069d230 100644
--- a/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authz/AuthorizationServiceTests.java
+++ b/x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authz/AuthorizationServiceTests.java
@@ -1239,10 +1239,10 @@ public void testSearchAgainstIndex() {
 
     public void testSearchPITAgainstIndex() {
         RoleDescriptor role = new RoleDescriptor(
-            "search_index",
-            null,
-            new IndicesPrivileges[] { IndicesPrivileges.builder().indices("index-*").privileges("read").build() },
-            null
+                "search_index",
+                null,
+                new IndicesPrivileges[]{IndicesPrivileges.builder().indices("index-*").privileges("read").build()},
+                null
         );
         roleMap.put(role.getName(), role);
         final Authentication authentication = createAuthentication(new User("test search user", role.getName()));
@@ -1255,17 +1255,17 @@ public void testSearchPITAgainstIndex() {
 
         PointInTimeBuilder pit = new PointInTimeBuilder(createEncodedPIT(indexMetadata.getIndex()));
         SearchRequest searchRequest = new SearchRequest().source(new SearchSourceBuilder().pointInTimeBuilder(pit))
-            .allowPartialSearchResults(false);
+                .allowPartialSearchResults(false);
         final ShardSearchRequest shardRequest = new ShardSearchRequest(
-            new OriginalIndices(new String[] { indexName }, searchRequest.indicesOptions()),
-            searchRequest,
-            new ShardId(indexMetadata.getIndex(), 0),
-            0,
-            1,
-            AliasFilter.EMPTY,
-            1.0f,
-            System.currentTimeMillis(),
-            null
+                new OriginalIndices(new String[]{indexName}, searchRequest.indicesOptions()),
+                searchRequest,
+                new ShardId(indexMetadata.getIndex(), 0),
+                0,
+                1,
+                AliasFilter.EMPTY,
+                1.0f,
+                System.currentTimeMillis(),
+                null
         );
         this.setFakeOriginatingAction = false;
         authorize(authentication, TransportSearchAction.TYPE.name(), searchRequest, true, () -> {
@@ -1285,32 +1285,22 @@ public void testSearchPITAgainstIndex() {
                 assertThat(securityContext.getParentAuthorization(), nullValue());
             });
         });
-        assertArrayEquals(new String[] { indexName }, searchRequest.indices());
+        assertThat(searchRequest.indices().length, equalTo(0));
         verify(auditTrail).accessGranted(
-            eq(requestId),
-            eq(authentication),
-            eq(TransportSearchAction.TYPE.name()),
-            eq(searchRequest),
-            authzInfoRoles(new String[] { role.getName() })
+                eq(requestId),
+                eq(authentication),
+                eq(TransportSearchAction.TYPE.name()),
+                eq(searchRequest),
+                authzInfoRoles(new String[]{role.getName()})
         );
         verify(auditTrail).accessGranted(
-            eq(requestId),
-            eq(authentication),
-            eq(SearchTransportService.QUERY_ACTION_NAME),
-            eq(shardRequest),
-            authzInfoRoles(new String[] { role.getName() })
+                eq(requestId),
+                eq(authentication),
+                eq(SearchTransportService.QUERY_ACTION_NAME),
+                eq(shardRequest),
+                authzInfoRoles(new String[]{role.getName()})
         );
         verifyNoMoreInteractions(auditTrail);
-
-        // verify invalid search request that tries to override the pit indices
-        SearchRequest invalidSearchRequest = new SearchRequest("another_index").source(new SearchSourceBuilder().pointInTimeBuilder(pit))
-            .allowPartialSearchResults(false);
-        Exception exc = expectThrows(
-            Exception.class,
-            () -> authorize(authentication, TransportSearchAction.TYPE.name(), invalidSearchRequest)
-        );
-        assertThat(exc.getCause(), instanceOf(IllegalArgumentException.class));
-        assertThat(exc.getCause().getMessage(), containsString("indices defined in the [pit] don't match the request's indices"));
     }
 
     public void testScrollRelatedRequestsAllowed() {
diff --git a/x-pack/plugin/sql/src/main/java/org/elasticsearch/xpack/sql/execution/search/Querier.java b/x-pack/plugin/sql/src/main/java/org/elasticsearch/xpack/sql/execution/search/Querier.java
index a0da67f3006a3..256c8eb3b883b 100644
--- a/x-pack/plugin/sql/src/main/java/org/elasticsearch/xpack/sql/execution/search/Querier.java
+++ b/x-pack/plugin/sql/src/main/java/org/elasticsearch/xpack/sql/execution/search/Querier.java
@@ -161,6 +161,7 @@ private void searchWithPointInTime(SearchRequest search, ActionListener<SearchRe
             openPitRequest,
             listener.delegateFailureAndWrap((delegate, openPointInTimeResponse) -> {
                 String pitId = openPointInTimeResponse.getPointInTimeId();
+                search.indicesOptions(SearchRequest.DEFAULT_INDICES_OPTIONS);
                 search.indices(Strings.EMPTY_ARRAY);
                 search.source().pointInTimeBuilder(new PointInTimeBuilder(pitId));
                 ActionListener<SearchResponse> closePitOnErrorListener = wrap(searchResponse -> {
diff --git a/x-pack/plugin/transform/src/main/java/org/elasticsearch/xpack/transform/transforms/ClientTransformIndexer.java b/x-pack/plugin/transform/src/main/java/org/elasticsearch/xpack/transform/transforms/ClientTransformIndexer.java
index 8bb7b813687a5..0a57d8e1214ad 100644
--- a/x-pack/plugin/transform/src/main/java/org/elasticsearch/xpack/transform/transforms/ClientTransformIndexer.java
+++ b/x-pack/plugin/transform/src/main/java/org/elasticsearch/xpack/transform/transforms/ClientTransformIndexer.java
@@ -519,19 +519,24 @@ private void injectPointInTimeIfNeeded(
 
     void doSearch(Tuple<String, SearchRequest> namedSearchRequest, ActionListener<SearchResponse> listener) {
         String name = namedSearchRequest.v1();
-        SearchRequest searchRequest = namedSearchRequest.v2();
+        SearchRequest originalRequest = namedSearchRequest.v2();
         // We want to treat a request to search 0 indices as a request to do nothing, not a request to search all indices
-        if (searchRequest.indices().length == 0) {
-            logger.debug("[{}] Search request [{}] optimized to noop; searchRequest [{}]", getJobId(), name, searchRequest);
+        if (originalRequest.indices().length == 0) {
+            logger.debug("[{}] Search request [{}] optimized to noop; searchRequest [{}]", getJobId(), name, originalRequest);
             listener.onResponse(null);
             return;
         }
-        logger.trace("searchRequest: [{}]", searchRequest);
+        logger.info("searchRequest: [{}]", originalRequest);
 
-        PointInTimeBuilder pit = searchRequest.pointInTimeBuilder();
+        final SearchRequest searchRequest;
+        PointInTimeBuilder pit = originalRequest.pointInTimeBuilder();
         if (pit != null) {
             // remove the indices from the request, they will be derived from the provided pit
-            searchRequest = new SearchRequest(searchRequest).indices(new String[0]);
+            searchRequest = new SearchRequest(originalRequest)
+                    .indices(new String[0])
+                    .indicesOptions(SearchRequest.DEFAULT_INDICES_OPTIONS);
+        } else {
+            searchRequest = originalRequest;
         }
 
         ClientHelper.executeWithHeadersAsync(
@@ -559,13 +564,13 @@ void doSearch(Tuple<String, SearchRequest> namedSearchRequest, ActionListener<Se
                         e
                     );
                     namedPits.remove(name);
-                    searchRequest.source().pointInTimeBuilder(null);
+                    originalRequest.source().pointInTimeBuilder(null);
                     ClientHelper.executeWithHeadersAsync(
                         transformConfig.getHeaders(),
                         ClientHelper.TRANSFORM_ORIGIN,
                         client,
                         TransportSearchAction.TYPE,
-                        searchRequest,
+                        originalRequest,
                         listener
                     );
                     return;
@@ -578,13 +583,13 @@ void doSearch(Tuple<String, SearchRequest> namedSearchRequest, ActionListener<Se
                      * Note: Due to BWC this needs to be kept until CCS support for < 8.1 is dropped
                      */
                     namedPits.remove(name);
-                    searchRequest.source().pointInTimeBuilder(null);
+                    originalRequest.source().pointInTimeBuilder(null);
                     ClientHelper.executeWithHeadersAsync(
                         transformConfig.getHeaders(),
                         ClientHelper.TRANSFORM_ORIGIN,
                         client,
                         TransportSearchAction.TYPE,
-                        searchRequest,
+                        originalRequest,
                         listener
                     );
                     return;