copyedit overview

Author: ethanpalm

authentication-personalization/overview.mdx

@@ -11,132 +11,54 @@ keywords: ["auth"]
   [Enterprise plans](https://mintlify.com/pricing?ref=authentication) include all authentication methods.
 </Info>
 
-There are three approaches to manage access and customize your documentation based on user information.
 
-- **Authentication**: Complete privacy protection for all content with full content customization.
+Choose from three approaches to manage access and customize your documentation based on user information and your security needs:
+
+- **Full authentication**: Complete privacy protection for all content with full content customization.
 - **Partial authentication**: Page-by-page access control with full content customization.
 - **Personalization**: Content customization with **no security guarantees**. All content remains publicly accessible.
 
-**Choose authentication** if you need complete security and privacy for all your documentation, including pages, images, search results, and AI assistant features.
-
-**Choose partial authentication** if you want some pages to be public and others private.
-
-**Choose personalization** if you want to customize content based on user information and your documentation can be publicly accessible.
-
-## Handshake methods
-
-Authentication and personalization offer multiple handshake methods for controlling access to your content.
-
-### Available for all methods
+### Use case examples
 
-**JSON Web Token (JWT)**: Custom system where you manage user tokens with full control over the login flow.
+**Choose full authentication when:**
+- Building internal company documentation that contains sensitive information
+- Documenting proprietary APIs that require user verification
+- Creating customer-specific implementation guides
 
-- Pros of JWT:
-  - Reduced risk of API endpoint abuse.
-  - No CORS configuration.
-  - No restrictions on API URLs.
-- Cons of JWT:
-  - Must be compatible with your existing login flow.
-  - Dashboard sessions and docs authentication are decoupled, so your team will log into your dashboard and your docs separately.
-  - When you refresh user data, users must log into your docs again. If your users' data changes frequently, they must log in frequently or risk having stale data in your docs.
+**Choose partial authentication when:**
+- Offering public getting-started guides with private advanced features
+- Running a freemium product where premium users get additional documentation
+- Publishing open-source docs with private enterprise sections
 
-**OAuth 2.0**: Third-party login integration like Google, GitHub, or other OAuth providers.
+**Choose personalization when:**
+- Creating public API documentation that shows user-specific examples
+- Building marketing sites that customize content based on user profiles
+- Offering public tutorials that adapt to user preferences or skill levels
 
-- Pros of OAuth 2.0:
-  - Heightened security standard.
-  - No restrictions on API URLs.
-- Cons of OAuth 2.0:
-  - Requires significant work if setting up an OAuth server for the first time.
-  - Dashboard sessions and docs authentication are decoupled, so your team will log into your dashboard and your docs separately.
+## Handshake methods
 
-### Available for authentication and partial authentication
+Choose the method that best fits your existing infrastructure and security requirements.
 
-**Mintlify dashboard**: Allow all of your dashboard users to access your docs.
+| Method | Available for | Setup complexity | Best for |
+|:-------|:--------------|:-----------------|:----------|
+| **JWT** | All approaches | Medium | Custom login flows, maximum security control |
+| **OAuth 2.0** | All approaches | High | Third-party auth providers, enterprise security |
+| **Mintlify Dashboard** | Authentication only | Low | Teams already using Mintlify dashboard |
+| **Password** | Authentication only | Low | Simple shared access without personalization |
+| **Shared Session** | Personalization only | Low | Apps with existing session-based auth |
 
-- Pros of Mintlify dashboard:
-  - No configuration required.
-  - Enables private preview deployments, restricting access to authenticated users only.
-- Cons of Mintlify dashboard:
-  - Requires all users of your docs to have an account in your Mintlify dashboard.
+### When to use each method
 
-**Password**: Shared access with a single global password. Used for access control only. Does not allow for personalization.
+**JWT**: Use when you have an existing authentication system and want full control over the login flow. Ideal for custom user management or when you need to decouple documentation access from your main application.
 
-- Pros of password:
-  - Simple setup with no configuration required to add new users, just share the password.
-- Cons of password:
-  - Lose personalization features since there is no way to differentiate users with the same password.
-  - Must change the password to revoke access.
+**OAuth 2.0**: Use when you want to leverage third-party authentication providers (Google, GitHub, etc.) or need enterprise-grade security standards. Best for organizations already using OAuth infrastructure.
 
-### Available for personalization
+**Mintlify Dashboard**: Use when your documentation editors are also your documentation readers. Perfect for internal teams who already manage content through the Mintlify dashboard.
 
-**Shared session**: Use the same session token as your dashboard to personalize content.
+**Password**: Use for simple access control when you don't need to track individual users or personalize content. Good for contractors, beta users, or temporary access scenarios.
 
-- Pros of shared session:
-  - Users that are logged into your dashboard are automatically logged into your docs.
-  - User sessions are persistent so you can refresh data without requiring a new login.
-  - Minimal setup.
-- Cons of shared session:
-  - Your docs will make a request to your backend.
-  - You must have a dashboard that uses session authentication.
-  - CORS configuration is generally required.
+**Shared Session**: Use when you want seamless login between your application and documentation. Ideal when users are already authenticated in your main application and you want to personalize their documentation experience.
 
 ## Content customization
 
-All three methods allow you to customize content with these features.
-
-### Dynamic `MDX` content
-
-Display dynamic content based on user information like name, plan, or organization.
-
-The `user` variable contains information sent to your docs from logged in users. See [Sending data](/authentication-personalization/sending-data) for more information.
-
-**Example**: Hello, {user.name ?? 'reader'}!
-
-```jsx
-Hello, {user.name ?? 'reader'}!
-```
-
-This feature is more powerful when you pair it with custom data about your users. For example, you can give different instructions based on a user's plan.
-
-**Example**: Authentication is an enterprise feature. {
-user.org === undefined
-? <>To access this feature, first create an account at the <a href="https://dashboard.mintlify.com/login">Mintlify dashboard</a>.</>
-: user.org.plan !== 'enterprise'
-? <>You are currently on the ${user.org.plan ?? 'free'} plan. See <a href="https://mintlify.com/pricing">our pricing page</a> for information about upgrading.</>
-: <>To request this feature for your enterprise org, contact your admin.</>
-}
-
-```jsx
-Authentication is an enterprise feature. {
-  user.org === undefined
-    ? <>To access this feature, first create an account at the <a href="https://dashboard.mintlify.com/login">Mintlify dashboard</a>.</>
-    : user.org.plan !== 'enterprise'
-      ? <>You are currently on the ${user.org.plan ?? 'free'} plan. See <a href="https://mintlify.com/pricing">our pricing page</a> for information about upgrading.</>
-      : <>To request this feature for your enterprise org, contact your admin.</>
-}
-```
-
-<Note>
-  The information in `user` is only available for logged in users. For logged
-  out users, the value of `user` will be `{}`. To prevent the page from crashing
-  for logged out users, always use optional chaining on your `user` fields. For
-  example, `{user.org?.plan}`.
-</Note>
-
-### API key prefilling
-
-Automatically populate API playground fields with user-specific values by returning matching field names in your user data. The field names in your user data must exactly match the names in the API playground for automatic prefilling to work.
-
-### Page visibility
-
-Restrict which pages are visible to your users by adding `groups` fields to your pages' frontmatter. By default, every page is visible to every user.
-
-Users will only see pages for `groups` that they are in.
-
-```mdx
----
-title: "Managing your users"
-description: "Adding and removing users from your organization"
-groups: ["admin"]
----
-```
+All three approaches support content personalization features including dynamic MDX content, API key prefilling, and page visibility controls. For detailed implementation guidance, see [Personalization setup](/authentication-personalization/personalization-setup).