memgraph
diff --git a/‎pages/database-management/authentication-and-authorization.mdx
Lines changed: 1 addition & 1 deletion b/‎pages/database-management/authentication-and-authorization.mdx
Lines changed: 1 addition & 1 deletion
diff --git a/‎pages/database-management/authentication-and-authorization/_meta.ts
Lines changed: 1 addition & 1 deletion b/‎pages/database-management/authentication-and-authorization/_meta.ts
Lines changed: 1 addition & 1 deletion
diff --git a/‎pages/database-management/authentication-and-authorization/auth-system-integrations.mdx
Lines changed: 2 additions & 2 deletions b/‎pages/database-management/authentication-and-authorization/auth-system-integrations.mdx
Lines changed: 2 additions & 2 deletions
@@ -17,7 +17,7 @@ Learn how to manage users in Memgraph.
 
 Learn how to manage roles, set up their privileges and fine-grained access control. 
 
-## [Multiple roles per user](/database-management/authentication-and-authorization/multiple-roles) (Enterprise)
+## [Multiple roles per user and multi-tenant roles](/database-management/authentication-and-authorization/multiple-roles) (Enterprise)
 
 Learn how to assign multiple roles to users simultaneously and understand how permissions are combined from all roles.
 
 
@@ -1,7 +1,7 @@
 export default {
     "users": "Users",
     "role-based-access-control": "Role-based access control",
-    "multiple-roles": "Multiple roles per user",
+    "multiple-roles": "Multiple roles per user and multi-tenant roles",
     "auth-system-integrations": "Auth system integrations",
     "impersonate-user": "Impersonate user"
 }
@@ -87,7 +87,7 @@ The protocol used between Memgraph and the module is as follows:
      in to the database
     - `role` - a `string` indicating which role the user should have (backward compatible)
     - `roles` - an array of strings indicating which roles the user should have (new format)
-    - `username` - the user's username (optional, can be derived from auth token)
+    - `username` - the user's username (optional)
     - `errors` (optional) - if `authenticated` is false, Memgraph will put up a
      warning with the error message returned by the module
 
@@ -140,7 +140,7 @@ The system will:
 When a user has multiple roles, their permissions are combined using the following rules:
 - **Grants**: If any role grants a permission, the user has that permission
 - **Denies**: If any role denies a permission, the user is denied that permission
-- **Database Access**: If any role grants access to a database, the user has access
+- **Database Access**: If any role grants and no role denies access to a database, the user has access
 - **Fine-grained Permissions**: Combined using the same grant/deny logic
 
 ### Module example
Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`export default {`
`2`	`2`	`"users": "Users",`
`3`	`3`	`"role-based-access-control": "Role-based access control",`
`4`		`- "multiple-roles": "Multiple roles per user",`
	`4`	`+ "multiple-roles": "Multiple roles per user and multi-tenant roles",`
`5`	`5`	`"auth-system-integrations": "Auth system integrations",`
`6`	`6`	`"impersonate-user": "Impersonate user"`
`7`	`7`	`}`