Update gs-authentication.md

- Fix typos
- More information on ACL

Author: anupdugar

guides/v1.0/get-started/authentication/gs-authentication.md

@@ -14,7 +14,7 @@ github_link: get-started/authentication/gs-authentication.md
 Magento allows developers to define web API resources and their permissions in a configuration file <code>webapi.xml</code>. 
 Here are more details on exposing <a href="http://devdocs.magento.com/guides/v1.0/extension-dev-guide/service-contracts/service-to-web-service.html">services as Web APIs.</a> 
 
-Before you can make web API calls, you must authenticate your identity and have requisite permissions (authorization) to access the API resource. Authentication allows Magento to identify the caller's user type. Based on the user's (admin, integration, customer or guest) access rights, API calls' resource acessibility is determined.
+Before you can make web API calls, you must authenticate your identity and have necessary permissions (authorization) to access the API resource. Authentication allows Magento to identify the caller's user type. Based on the user's (admin, integration, customer or guest) access rights, API calls' resource acessibility is determined.
 </p>
 
 <h3 id="accessible-resources">Accessible resources</h3>
@@ -26,18 +26,18 @@ Before you can make web API calls, you must authenticate your identity and have
    </tr>
    <tr>
       <td>
-         <p>Customer</p>
+         <p>Admin or Integration</p>
       </td>
-      <td>
-         <p>Resources with <code>anonymous</code> or <code>self</code> permission.</p>
+      <td>e
+         <p>Resources for which admins or integrations are authorized. For example, if admins are authorized for the <code>Magento_Customer::group</code> resource, they can make a <code>GET&nbsp;/V1/customerGroups/:id</code> call.</p>
       </td>
    </tr>
    <tr>
       <td>
-         <p>Admin or Integration</p>
+         <p>Customer</p>
       </td>
       <td>
-         <p>Resources for which admins or integrations are authorized. For example, if admins are authorized for the <code>Magento_Customer::group</code> resource, they can make a <code>GET&nbsp;/V1/customerGroups/:id</code> call.</p>
+         <p>Resources with <code>anonymous</code> or <code>self</code> permission.</p>
       </td>
    </tr>
    <tr>
@@ -51,10 +51,12 @@ Before you can make web API calls, you must authenticate your identity and have
 </table>
 
 <h3 id="acl-webapi-relation">Relation between acl.xml and webapi.xml</h3>
-<p>The acl.xml file defines the access control list (ACL) for a given module. It defines available set of permissions to access the resources. acl.xml files across all Magento modules are consolidated to build an ACL tree which is used to select allowed Admin role resources or third party Integration's access (System > Extension > Integration > Add New Integration > Available APIs).
+<p>The acl.xml file defines the access control list (ACL) for a given module. It defines available set of permissions to access the resources.
+acl.xml files across all Magento modules are consolidated to build an ACL tree which is used to select allowed Admin role resources or third party Integration's access (System > Extension > Integration > Add New Integration > Available APIs).
+Overall <a href="http://www.magentocommerce.com/api/rest/permission_settings/permission_settings.html#PermissionSettings-Authorization">ACL concept</a> remains same as Magento 1, its just been extended to cover WebAPIs. 
 </p>
 <h4 id="acl-webapi-relation">Sample customer acl.xml</h4>
-Ex: Account management, customer configuration, and customer group resource permissions are defined in the below customer acl.xml
+e.g.: Account management, customer configuration, and customer group resource permissions are defined in the below customer acl.xml
 ```xml
 <config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="../../../../../lib/internal/Magento/Framework/Acl/etc/acl.xsd">
     <acl>
@@ -126,12 +128,12 @@ When a developer creates the Web API configuration file : webapi.xml, the permis
 .....
 ...
 ```
-ex: 
+e.g.: 
 In the above sample webapi.xml, for the customerGroups resource, only a user with a "Magento_Customer::group" can access the GET /V1/customerGroups/:id API. On the other hand, POST /V1/customers (customer creation) can be accessed anonymously (or by a guest) without a need for presenting the identity.
 
 The user here can be an admin (or an Integration) defined in the backend with the customer group selected as one of the resource in the ACL tree.
 <div class="bs-callout bs-callout-info" id="info">
-   <p>A guest or anonymous is a special permission that doesn't need to be defined in acl.xml (and will not show up in the acl tree in the backend). It just indicates that the current resource in webapi.xml can be accessed without the need for authentication. Similarly self is a special access if you already have an authenticated session with the system and allows the user to access resources they own. ex GET /V1/customers/me will fetch the logged in customer's details. This is typically useful for javascript based widgets. </p>
+   <p>A guest or anonymous is a special permission that doesn't need to be defined in acl.xml (and will not show up in the acl tree in the backend). It just indicates that the current resource in webapi.xml can be accessed without the need for authentication. Similarly self is a special access if you already have an authenticated session with the system and allows the user to access resources they own. e.g. GET /V1/customers/me will fetch the logged in customer's details. This is typically useful for javascript based widgets. </p>
 </div>
 
 <h3 id="webapi-clients">Web API clients and authentication methods</h3>
@@ -147,7 +149,7 @@ The user here can be an admin (or an Integration) defined in the backend with th
          <p>Mobile application</p>
       </td>
       <td>
-         <p>Registered users use <a href="{{ site.gdeurl }}get-started/authentication/gs-authentication-token.html">token-based authentication</a> to make web API calls through a mobile application. The token acts like an electronic key that provides access the API.</p>
+         <p>Registered users use <a href="{{ site.gdeurl }}get-started/authentication/gs-authentication-token.html">token-based authentication</a> to make web API calls through a mobile application. The token acts like an electronic key that provides access to the API(s).</p>
          <ol>
             <li>
                <p>As a registered Magento user, you request a token from the Magento token service at the endpoint that is defined for your user type.</p>