DEVDOCS-4269: [update] reorder sections (#788)

<!-- Ticket number or summary of work -->
# [DEVDOCS-4269]


## What changed?
Reordered sections in API Accounts & OAuth Scopes

## Release notes draft
<!-- Provide an entry for the release notes using simple, conversational
language. Don't be too technical. Explain how the change will benefit
the merchant and link to the feature.

Examples:
* The newly-released [X feature] is now available to use. Now, you’ll be
able to [perform Y action].
* We're happy to announce [X feature], which can help you [perform Y
action].
* [X feature] helps you to create [Y response] using the [Z query
parameter]. Now, you can deliver [ex, localized shopping experiences for
your customers].
* Fixed a bug in the [X endpoint]. Now the [Y field] will appear when
you click [Z option]. -->
* 

## Anything else?
<!-- Add related PRs, salient notes, additional ticket numbers, etc. -->

ping {names}


[DEVDOCS-4269]:
https://bigcommercecloud.atlassian.net/browse/DEVDOCS-4269?atlOrigin=eyJpIjoiNWRkNTljNzYxNjVmNDY3MDlhMDU5Y2ZhYzA5YTRkZjUiLCJwIjoiZ2l0aHViLWNvbS1KU1cifQ

docs/start/authentication/api-accounts.mdx

@@ -20,6 +20,26 @@ Every active API account has at least one `access_token`. [Store-level API accou
 
 **Guard these values closely.** The client ID and client secret will never change; access tokens do not expire based on time and cannot be manually invalidated. It's best practice to limit each account's [OAuth scope](#oauth-scopes) to only the privileges needed to complete that app or user's designated tasks. Create separate API accounts for each app, store API user or function, or account-related implementation.
 
+## Choosing the right kind of API account
+
+Where both types of API account are supported, review the preceding sections to make an informed choice about which best fits your use case. In the following table, links go to the relevant section of our [Authentication and Example Requests](/docs/start/authentication) article.
+
+| API or Use Case | Store-level API account | App-level API account | Account-level API account |
+|:----------------|:-----------------------:|:---------------------:|:-------------------------:|
+| [GraphQL Account API](/docs/start/authentication#access-tokens), including [Users](/docs/graphql-account/users)  |  |  | × |
+| [GraphQL Admin API](/docs/start/authentication#access-tokens) | × | × |  |
+| [GraphQL Storefront API](/docs/start/authentication#bigcommerce-generated-jwts) | × |  |  |
+| [REST Store Management APIs](/docs/start/authentication#access-tokens) | × | × |  |
+| [REST Storefront API](/docs/start/authentication#same-origin-cors-authentication) | × |  |  |
+| [Customer Login API](/docs/start/authentication#user-generated-jwts) |  | × |  |
+| [Current Customer API](/docs/start/authentication#client-id) |  | × |  |
+| [Payments API](/docs/start/authentication#bigcommerce-generated-jwts) | × | × |  |
+| [Apps that host REST Provider APIs (provider apps)](/docs/start/authentication#developer-configured-authentication) |  | × |  |
+| [Apps that create App Extensions](/docs/integrations/apps/app-extensions) |  | × |  |
+| Apps hosted in the store control panel (single-click apps) |  | × |  |
+| Manual connection between a third-party app and a store | × |  | × |
+| Single-store frontend scripts |  | × |  |
+
 ## Store-level API accounts
 
 Merchants generate single-store API credentials when they create API accounts in their store control panel, in the **[Settings > Store-level API accounts](https://login.bigcommerce.com/deep-links/manage/settings-list)** menu. Use these credentials to read and change one store's data with BigCommerce's APIs. You can't change store-level access tokens or OAuth scopes.
@@ -116,26 +136,6 @@ An account-level access token is valid until the account is no longer active. Ho
 
 To delete an account-level API account, visit the [account control panel](https://accounts.bigcommerce.com/tokens) and find the account you want to delete in the list. Click the three dots in the **Action** column, then click **Delete**. Follow any prompts that appear.
 
-## Choosing the right kind of API account
-
-Where both types of API account are supported, review the preceding sections to make an informed choice about which best fits your use case. In the following table, links go to the relevant section of our [Authentication and Example Requests](/docs/start/authentication) article.
-
-| API or Use Case | Store-level API account | App-level API account | Account-level API account |
-|:----------------|:-----------------------:|:---------------------:|:-------------------------:|
-| [GraphQL Account API](/docs/start/authentication#access-tokens), including [Users](/docs/graphql-account/users)  |  |  | × |
-| [GraphQL Admin API](/docs/start/authentication#access-tokens) | × | × |  |
-| [GraphQL Storefront API](/docs/start/authentication#bigcommerce-generated-jwts) | × |  |  |
-| [REST Store Management APIs](/docs/start/authentication#access-tokens) | × | × |  |
-| [REST Storefront API](/docs/start/authentication#same-origin-cors-authentication) | × |  |  |
-| [Customer Login API](/docs/start/authentication#user-generated-jwts) |  | × |  |
-| [Current Customer API](/docs/start/authentication#client-id) |  | × |  |
-| [Payments API](/docs/start/authentication#bigcommerce-generated-jwts) | × | × |  |
-| [Apps that host REST Provider APIs (provider apps)](/docs/start/authentication#developer-configured-authentication) |  | × |  |
-| [Apps that create App Extensions](/docs/integrations/apps/app-extensions) |  | × |  |
-| Apps hosted in the store control panel (single-click apps) |  | × |  |
-| Manual connection between a third-party app and a store | × |  | × |
-| Single-store frontend scripts |  | × |  |
-
 ## Migrating from legacy to OAuth
 
 <Callout type="warning">

docs/start/authentication/index.mdx

@@ -434,8 +434,8 @@ The following table describes the authentication characteristics of our REST Pro
 
 | API description | API reference | Configuration reference | Associated API account | Authentication method |
 |:----------------|:--------------|:------------------------|:-----------------------|:----------------------|
-| [Shipping Provider API](/docs/integrations/shipping) | [Shipping Provider Reference](/docs/integrations/shipping) | [Configure during registration](/docs/integrations/shipping#configuration-fields), and/or with [Update a carrier connection](/docs/rest-management/shipping-v2/shipping-carrier#update-a-carrier-connection) | implemented in an app | developer-defined request body keys |
-| [Tax Provider API](/docs/integrations/tax) | [Tax Provider Reference](/docs/rest-contracts/tax) | [Update a tax provider connection](/docs/rest-contracts/tax-app-connection#update-a-connection) | implemented in an app | `Authorization: Basic {{base64encode(username:password)}}` |
+| [Shipping Provider API](/docs/integrations/shipping) | [Shipping Provider Reference](/docs/integrations/shipping) | [For shipping providers defining request body keys](/docs/integrations/shipping#configuration-fields), and/or with [For connecting shipping providers using request body keys](/docs/rest-management/shipping-v2/shipping-carrier#update-a-carrier-connection) | implemented in an app | developer-defined request body keys |
+| [Tax Provider API](/docs/integrations/tax) | [Tax Provider Reference](/docs/rest-contracts/tax) | [For updating a tax provider connection](/docs/rest-contracts/tax-app-connection#update-a-connection) | implemented in an app | `Authorization: Basic {{base64encode(username:password)}}` |
 
 In the Tax Provider API `Authorization` header, the username and password belong to the app's tax provider service. What this username and password actually refer to is up to the app developer.