Refine user management roles descriptions

src/content/docs/accounts/accounts-billing/new-relic-one-user-management/user-management-concepts.mdx

@@ -131,18 +131,15 @@ You can create roles at three different scopes, each serving different purposes:
 
 * **Organization-scoped roles**: You apply these roles for organization-wide functions like managing authentication domains, creating accounts, configuring organization settings, or managing scorecards and teams. Standard roles include:
   * <DNT>**Organization manager**</DNT>: Permissions related to organization settings, including adding accounts, and changing the name of the organization and accounts. This also includes sensitive observability tasks, such as deleting certain entities.
-  * <DNT>**Authentication domain manager**</DNT>: Permissions related to adding and managing users, including configuring authentication domains and customizing groups and roles. Options within this include:
-    * <DNT>**Manage**</DNT>: Can manage all aspects of authentication domains, including configuring domains and adding users.
-    * <DNT>**Read only**</DNT>: Can view authentication domain and user information.
-    * <DNT>**Add users**</DNT>: Can view user information, and add users to the organization, but lacks other auth domain configuration and management abilities.
-    * <DNT>**Read users**</DNT>: Can only view user information.
+  * <DNT>**Authentication domain manager**</DNT>: Permissions related to adding and managing users, including configuring authentication domains and customizing groups and roles.
   * <DNT>**Billing**</DNT>: Lets a user view and manage billing and usage, and data retention. For organizations with multiple accounts, billing is aggregated in the <DNT>**reporting account**</DNT> (usually the first account created in an organization).
-  * <DNT>**Organization product admin**</DNT>: Permissions related to organization-scoped observability features like scorecard and team management. This is the organization-scoped equivalent to <strong>All product admin</strong>.
+  * <DNT>**Organization product admin**</DNT>: Permissions related to organization-scoped observability features like scorecard and team management. This is the organization-scoped equivalent to <strong>All product admin</strong>
+* <DNT>**Organization read only**</DNT>: Provides read-only access to the New Relic platform organization-scoped features.
 
 * **Account-scoped roles**: You apply these roles for access to platform features within specific accounts, such as configuring APM settings, managing alerts, or running queries. These are the traditional roles most users work with. Standard roles include:
   * <DNT>**All product admin**</DNT>: Includes all New Relic platform permissions except the ability to manage organization-level settings, users, and billing.
   * <DNT>**Standard user**</DNT>: Provides access to our platform features but lacks permissions to configure those features and lacks organization-level and user management permissions.
-  * <DNT>**Read only**</DNT>: Provides read-only access to the New Relic platform.
+  * <DNT>**Read only**</DNT>: Provides read-only access to the New Relic platform account-scoped features.
 
 * **Entity-scoped roles**: You apply these roles for fine-grained access to specific resources like individual dashboards, fleets, or alert policies. This enables precise permission control at the individual resource level. You can create custom entity-scoped roles based on your needs.