diff --git a/website/content/docs/concepts/permissions.mdx b/website/content/docs/concepts/permissions.mdx index e21c3f29dd..5d099000b0 100644 --- a/website/content/docs/concepts/permissions.mdx +++ b/website/content/docs/concepts/permissions.mdx @@ -18,9 +18,9 @@ Each grant is a mapping that describes a resource or set of resources and the ac * An `id` field that indicates a specific resource or a wildcard to match all * A `type` field that indicates a specific resource type or a wildcard to match all -* An `actions` field indicating which actions to provide the resources matched by `id` and `type` +* An `actions` field indicating which actions to allow the client to perform on the resources matched by `id` and `type` -Grant strings can be supplied via JSON or a CLI/UI friendly, easily-composable string syntax. +Grant strings can be supplied via a human-friendly string syntax or via JSON. Roles are composable; a user's final set of grants will be composed of various roles that each contribute grants to a set of principals that include that user @@ -78,12 +78,14 @@ This grants `read` and `update` actions to that single resource. ### Type Only -For a given type, allow these actions. Because type specifies only a collection -as opposed to specific resources within that collection, only colletion actions -are allowed in this format. Currently, this is `create` and `list`. Example: +For a given type, allow these actions. Example: `type=host-catalog;actions=create,list` +Because type specifies only a collection as opposed to specific resources within +that collection, only collection actions are allowed in this format. Currently, +this is `create` and `list`. + There is one additional restriction: this is only valid against "top-level" resource types, which currently are:
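Review bot: In the first hunk, the rewritten `actions` bullet introduces "the client", while the unchanged context just below speaks of roles contributing grants to "a set of principals that include that user". Since grants are evaluated against principals, consider "which actions to allow the principal to perform on the resources matched by `id` and `type`" so the permission model uses one term throughout. In the same hunk, "human-friendly string syntax" drops the earlier hint that the string form is the one meant for the CLI and UI and is composable; if that still holds, keeping a short mention would help readers choose between the two formats.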
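Review bot: In the second hunk, the relocated paragraph still reads "Currently, this is `create` and `list`", a singular verb for two actions; "Currently, these are `create` and `list`" reads better now that the sentence is being touched anyway. The paragraph says only collection actions "are allowed in this format" but not what happens to a type-only grant that lists another action such as `read`, and because this is an authorization rule it would be worth stating whether such a grant is rejected when the role is written or accepted and never matched. Placing the example before the restriction is fine, since the example itself uses only `create,list`.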