From 8be7a23b3c377916bdf5f32ada9e01b02180e76f Mon Sep 17 00:00:00 2001
From: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
Date: Tue, 14 Nov 2023 10:27:18 -0500
Subject: [PATCH] Update _security/access-control/authentication-tokens.md

Co-authored-by: kolchfa-aws <105444904+kolchfa-aws@users.noreply.github.com>
Signed-off-by: Stephen Crawford <65832608+scrawfor99@users.noreply.github.com>
---
 _security/access-control/authentication-tokens.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/_security/access-control/authentication-tokens.md b/_security/access-control/authentication-tokens.md
index be6ba77c5c..e3f2ebc784 100644
--- a/_security/access-control/authentication-tokens.md
+++ b/_security/access-control/authentication-tokens.md
@@ -66,7 +66,7 @@ You can access the `POST /_plugins/_security/api/generateonbehalfoftoken` API en
 
 To access this API endpoint, the request body should contain three API parameters:
 
-* description: This allows the use to articulate the purpose for requesting this token, providing clarity and transparency.
+* `description`: This parameter allows the user to articulate the purpose for requesting this token, providing clarity and transparency.
 * service (optional): This parameter is directed to the audience claim of the on-behalf-of token. It offers users the opportunity to designate the target service for which they intend to use the token. Although this is an optional parameter, if not specified, the default value is set to "self-issued".
 * durationSeconds (optional): This parameter allows users to customize the token's expiration time according to its anticipated usage. However, the maximum duration is capped at 600 seconds to maintain security. If not specified, the default duration is set to 300 seconds.
 * Here is an example of requesting an on-behalf-of token with lifespan of 3 mins as user '“admin” for testing purpose: