docs(review): minor doc edits from review (#12272)

Signed-off-by: prmellor <pmellor@redhat.com>

Author: PaulRMellor

documentation/api/io.strimzi.api.kafka.model.connect.KafkaConnectSpec.adoc

@@ -25,12 +25,13 @@ spec:
 
 These fields are required in the `v1` CRD API version.
 In the `v1beta2` version, these properties are optional.
-If not set, the following default values apply:
 
-* `groupId` will default value `connect-cluster`
-* `configStorageTopic` will default to `connect-cluster-configs`
-* `offsetStorageTopic` will default to `connect-cluster-offsets`
-* `statusStorageTopic` will default to `connect-cluster-status`
+If you do not set them, the following default values apply:
+
+* `groupId` defaults to `connect-cluster`
+* `configStorageTopic` defaults to `connect-cluster-configs`
+* `offsetStorageTopic` defaults to `connect-cluster-offsets`
+* `statusStorageTopic` defaults to `connect-cluster-status`
 
 [id='property-kafka-connect-additional-configuration-{context}']
 = Additional configuration

documentation/assemblies/metrics/assembly_metrics-prometheus-setup.adoc

@@ -25,7 +25,7 @@ After enabling metrics, you can integrate with Prometheus:
 . xref:assembly-metrics-prometheus-{context}[Setting up Prometheus]
 . xref:proc-metrics-deploying-prometheus-alertmanager-{context}[Deploying Prometheus Alertmanager]
 
-Strimzi provides an xref:assembly-metrics-config-files-str[example Grafana dashboards] to display visualizations of metrics.
+Strimzi provides xref:assembly-metrics-config-files-str[example Grafana dashboards] to display visualizations of metrics.
 The exposed metrics provide the monitoring data when you xref:proc-metrics-grafana-dashboard-str[enable the Grafana dashboard].
 
 include::../../modules/metrics/proc-jmx-exporter-metrics-kafka-deploy-options.adoc[leveloffset=+1]

documentation/assemblies/oauth/assembly-oauth-security.adoc

@@ -9,7 +9,7 @@ Strimzi supports OAuth 2.0 token-based authentication and authorization for secu
 With OAuth 2.0 integration you can:
 
 * Enable token-based authentication on Kafka brokers  
-* Configure Kafka components, such as Kafka Connect, MirrorMaker 2, and the Kafka Bridge, to authenticate using access tokens  
+* Configure Kafka components, such as Kafka Connect, MirrorMaker 2, and the HTTP Bridge, to authenticate using access tokens  
 * Use token claims or Keycloak Authorization Services to perform fine-grained authorization
 
 OAuth 2.0 provides centralized identity and access control using access tokens issued by an authorization server.

documentation/modules/metrics/proc_metrics-custom-resource-monitoring.adoc

@@ -51,6 +51,6 @@ kubectl apply -f ksm.yaml
 +
 Metrics are scraped from the `strimzi-kube-state-metrics` service using the `ServiceMonitor` configured for the KSM deployment.
 +
-For alerting on these metrics, check the provided `PrometheusRule` resources:
+For alerting on these metrics, check the provided `PrometheusRule` resource:
 +
-* `examples/metrics/kube-state-metrics/prometheus-rules/*.yaml`
+* `examples/metrics/kube-state-metrics/prometheus-rules.yaml`

documentation/modules/oauth/con-oauth-client-config.adoc

@@ -46,7 +46,7 @@ Each component requires:
 * `OAUTHBEARER` SASL settings to authenticate to Kafka brokers
 
 The following example shows a simplified OAuth configuration for the HTTP Bridge. 
-The same structure applies to Kafka Connect and MirrorMaker 2.
+The same configuration pattern applies to Kafka Connect and MirrorMaker 2.
 
 [source,yaml]
 ----

documentation/modules/oauth/con-oauth-server-config.adoc

@@ -134,16 +134,19 @@ For more information, see xref:assembly-loading-config-with-providers-{context}[
 
 === Authenticating brokers to protected authorization-server endpoints
 
-Some authorization servers expose the JWKS endpoint publicly but require authentication when accessing protected endpoints such as the introspection endpoint.
+Some authorization servers expose the JWKS endpoint publicly but require authentication when accessing protected endpoints, such as the introspection endpoint.
 
-When a protected endpoint is used, the Kafka broker must authenticate to the authorization server.
+When the broker accesses a protected endpoint, it must authenticate to the authorization server.
 
 To configure HTTP Basic authentication, set the following properties:
 
 * `oauth.client.id`
 * `oauth.client.secret`
 
-For HTTP Bearer authentication, set one of the following properties:
+To configure HTTP Bearer authentication, set one of the following properties:
 
-* `oauth.server.bearer.token.location` to specify the file path on disk containing the bearer token.
-* `oauth.server.bearer.token` to specify the bearer token in clear text.
+* `oauth.server.bearer.token.location` to specify the file path that contains the bearer token.
+* `oauth.server.bearer.token` to specify the bearer token in clear text.
+
+NOTE: In production environments, avoid storing credentials or bearer tokens in clear text. 
+Use a secure mechanism to provide these values to the broker.