mongodb · jeff-allen-mongo · Sep 8, 2021 · Aug 24, 2021
diff --git a/source/core/authentication.txt b/source/core/authentication.txt
@@ -12,61 +12,57 @@ Authentication
    :depth: 1
    :class: singlecol
 
-Authentication is the process of verifying the identity of a client. When
-access control, i.e. :doc:`authorization </core/authorization>`, is enabled,
-MongoDB requires all clients to authenticate themselves in order to determine
-their access.
+Authentication is the process of verifying the identity of a client.
+When access control (:doc:`authorization </core/authorization>`) is
+enabled, MongoDB requires all clients to authenticate themselves in
+order to determine their access.
 
-Although authentication and :doc:`authorization </core/authorization>` are
-closely connected, authentication is distinct from authorization.
-Authentication verifies the identity of a user; authorization determines the
-verified user's access to resources and operations.
+Although authentication and :doc:`authorization </core/authorization>`
+are closely connected, authentication is distinct from authorization:
 
-Authentication Methods
-----------------------
+- **Authentication** verifies the identity of a :ref:`user <users>`.
+- **Authorization** determines the verified user's access to resources
+  and operations.
 
-.. include:: /includes/fact-authenticate.rst
+Getting Started
+---------------
+
+To get started using access control, follow these tutorials:
+
+- :ref:`enable-access-control`
+- :ref:`add-new-user`
 
 .. _available-authentication-mechanisms:
 
 Authentication Mechanisms
 -------------------------
 
-MongoDB supports a number of :ref:`authentication mechanisms
+MongoDB Community supports a number of :ref:`authentication mechanisms
 <security-authentication-mechanisms>` that clients can use to verify
-their identity. These mechanisms allow MongoDB to integrate into your
-existing authentication system.
-
-MongoDB supports multiple authentication mechanisms:
+their identity:
 
 - :ref:`authentication-scram` (*Default*)
-
 - :ref:`x.509 Certificate Authentication <security-auth-x509>`.
 
-In addition to supporting the aforementioned mechanisms, MongoDB Enterprise
-also supports the following mechanisms:
+In addition to the preceding mechanisms, MongoDB Atlas and MongoDB
+Enterprise support the following mechanisms:
 
 - :ref:`LDAP proxy authentication <security-auth-ldap>`, and
-
 - :ref:`Kerberos authentication <security-auth-kerberos>`.
 
-Internal Authentication
------------------------
+These mechanisms allow MongoDB to integrate into your
+existing authentication system.
+
+
+Internal / Membership Authentication
+------------------------------------
 
 In addition to verifying the identity of a client, MongoDB can require
 members of replica sets and sharded clusters to :ref:`authenticate
 their membership <inter-process-auth>` to their respective
 replica set or sharded cluster. See :ref:`inter-process-auth`
 for more information.
 
-Authentication on Sharded Clusters
-----------------------------------
-
-In sharded clusters, clients generally authenticate directly to the
-:binary:`~bin.mongos` instances. However, some maintenance operations may require
-authenticating directly to a specific shard. For more information on
-authentication and sharded clusters, see :ref:`sharding-security`.
-
 .. toctree::
    :titlesonly:
    :hidden: