auth: minor cleanup for overview

Co-authored-by: Johnny Horvi <johnny@horvi.no>

Author: tronghn

docs/auth/README.md

@@ -2,7 +2,7 @@
 tags: [auth, explanation]
 description: Services and addons to support authentication and authorization in your applications.
 ---
-# Authentication and authorization
+# Authentication and authorization overview
 
 NAIS helps your applications [log in users](#logging-in-users), [validate inbound requests](#validating-inbound-requests) and [make authenticated outbound requests](#making-outbound-requests) using the following identity providers:
 
@@ -26,16 +26,17 @@ NAIS helps your applications [log in users](#logging-in-users), [validate inboun
 
 </div>
 
-Your application may have multiple authentication use cases that may require a combination of services. 
+Your application may have multiple use cases that can require a combination of services.
 
-Check out the different scenarios below to see which service(s) you need for your application.
+See the different scenarios below to identify which service(s) you need for your application, and follow the links to the respective service for more details.
 
 ## Logging in users
 
-:person_standing: authenticate employee :octicons-arrow-right-24: [Azure AD](../security/auth/azure-ad/sidecar)
+Depending on who your users are, you can use the following services to log them in:
 
-:person_standing: authenticate citizen :octicons-arrow-right-24: [ID-porten] 
+:person_standing: Log in employees :octicons-arrow-right-24: [Azure AD](../security/auth/azure-ad/sidecar)
 
+:person_standing: Log in citizens :octicons-arrow-right-24: [ID-porten]
 
 ## Validating inbound requests
 
@@ -56,18 +57,15 @@ graph TD
 
 The graph above can also be described as:
 
-
-:material-server: Validate requests from internal application :octicons-arrow-right-24: [Azure AD] 
-
-:material-server: Validate requests from external application :octicons-arrow-right-24: [Maskinporten] 
-
 :material-server::person_standing: Validate requests from application on behalf of employee :octicons-arrow-right-24: [Azure AD]
 
 :material-server::person_standing: Validate requests from application on behalf of citizen :octicons-arrow-right-24: [TokenX]
 
+:material-server: Validate requests from internal application :octicons-arrow-right-24: [Azure AD]
 
-## Making outbound requests
+:material-server: Validate requests from external application :octicons-arrow-right-24: [Maskinporten]
 
+## Making outbound requests
 
 ```mermaid
 graph TD
@@ -76,12 +74,13 @@ graph TD
 
   B1 --> |citizens| TokenX[<a href='../security/auth/tokenx'>TokenX</>]
   B1 --> |employees| AAD_machine[<a href='../security/auth/azure-ad'>Azure AD</>]
-    
   
   B2 --> |internally| AAD_machine[<a href='../security/auth/azure-ad'>Azure AD</>]
   B2 --> |externally| Maskinporten[<a href='../security/auth/maskinporten'>Maskinporten</a>]
 ```
 
+The graph above can also be described as:
+
 :material-server::person_standing: Make requests on behalf of employee :octicons-arrow-right-24: [Azure AD]
 
 :material-server::person_standing: Make requests on behalf of citizen :octicons-arrow-right-24: [TokenX]
@@ -90,7 +89,6 @@ graph TD
 
 :material-server: Make requests to external API :octicons-arrow-right-24: [Maskinporten]
 
-
 [Azure AD]: ../security/auth/azure-ad
 [ID-porten]: ../security/auth/idporten
 [TokenX]: ../security/auth/tokenx