From db41d747592512f4e4edb936d2122387403005b9 Mon Sep 17 00:00:00 2001
From: Josh Hawkins <32435876+hawkeye217@users.noreply.github.com>
Date: Thu, 11 Sep 2025 12:23:01 -0500
Subject: [PATCH] clarify docs

---
 docs/docs/configuration/authentication.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/docs/docs/configuration/authentication.md b/docs/docs/configuration/authentication.md
index 2c9dafef8..a23e0117f 100644
--- a/docs/docs/configuration/authentication.md
+++ b/docs/docs/configuration/authentication.md
@@ -170,7 +170,7 @@ In this example:
 - The `remote-role` header determines the user’s privileges:
   - **admin** → Full access (user management, configuration changes).
   - **viewer** → Read-only access.
-  - **Custom roles** → Access limited to the cameras defined in `auth.roles[role]`.
+  - **Custom roles** → Read-only access limited to the cameras defined in `auth.roles[role]`.
 - Ensure your **proxy sends both user and role headers** for proper role enforcement.
 
 **Unauthenticated Port (5000)**
@@ -220,7 +220,7 @@ Frigate supports user roles to control access to certain features in the UI and
 
 ### Custom Roles and Camera Access
 
-Custom roles allow fine-grained control over camera access. Each role specifies an array of allowed camera names. If a user is assigned a role, they are like the **viewer** role - they can only view Live, Review/History, Explore, and Export for those cameras. Backend API endpoints enforce this server-side (e.g., returning 403 for unauthorized cameras), and the frontend UI filters content accordingly (e.g., camera dropdowns show only permitted options).
+The viewer role provides read-only access to all cameras in the UI and API. Custom roles allow admins to limit read-only access to specific cameras. Each role specifies an array of allowed camera names. If a user is assigned a custom role, their account is like the **viewer** role - they can only view Live, Review/History, Explore, and Export for the designated cameras. Backend API endpoints enforce this server-side (e.g., returning 403 for unauthorized cameras), and the frontend UI filters content accordingly (e.g., camera dropdowns show only permitted options).
 
 ### Role Configuration Example