Update cockroachcloud/authorization.md

cockroachcloud/authorization.md

@@ -41,4 +41,4 @@ Cluster Single Sign-On (SSO) for {{ site.data.products.db }} allows authorized o
 
 However, because organization roles and roles on any given SQL cluster are logically separate, a corresponding SQL role must be created for each SSO organization user, on each particular cluster.
 
-This correspondence lies in the SQL role name, which must be in the format `sso_{email_name}`. Replace '(email_name}' with the portion of the user's email address before `@`. For example, the SQL role name of a user with the email address `[email protected]`  is `sso_docs`. If the email address is not associated with a member of the organization, `ccloud` prompts you to create or add them. Only an admin can create or add a member.
+This correspondence lies in the SQL role name, which must be in the format `sso_{email_name}`. Replace '(email_name}' with the portion of the user's email address before `@`. For example, the SQL role name of a user with the email address `[email protected]`  is `sso_docs`. If the role is not set up correctly, `ccloud` prompts you to create or add it. Only an admin can manage users/roles, so you must contact your cluster administrator if you do not permissions to create SQL roles on the cluster.