Fixed broken links

Author: andyo-tyk

api-management/access-control/sessions-and-keys/understanding-sessions.mdx

@@ -24,7 +24,7 @@ When a request arrives, Tyk retrieves the Session and evaluates its fields to de
 
 ## Configuration Options
 
-A Session contains several categories of configuration options. While you can configure these directly on individual sessions, it is highly recommended to manage them via [**Policies**](/access-control/policies/understanding-policies).
+A Session contains several categories of configuration options. While you can configure these directly on individual sessions, it is highly recommended to manage them via [**Policies**](/api-management/access-control/policies/understanding-policies).
 
 ### Access Control
 
@@ -121,6 +121,6 @@ Instead of configuring access rights and limits directly on the session, you can
 
 ## Next Steps
 
-- Learn how to manage the [Session Lifecycle](/access-control/sessions-and-keys/session-lifecycle) to control how long a key will be valid.
-- Discover how to use [Policies](/access-control/policies/understanding-policies) to manage Sessions at scale.
+- Learn how to manage the [Session Lifecycle](/api-management/access-control/sessions-and-keys/session-lifecycle) to control how long a key will be valid.
+- Discover how to use [Policies](/api-management/access-control/policies/understanding-policies) to manage Sessions at scale.
 ```

api-management/authentication/certificate-auth.mdx

@@ -37,7 +37,7 @@ When a client makes a request:
 3. If the client is successfully authenticated, Tyk checks the client certificate against a list of authorized certificates (the "dynamic allow list")
 4. If a match is found, authorization proceeds as usual, based on the content of the linked session and any policies applied to it
 
-Each client certificate must be [pre-registered](/api-management/authentication/certificate-auth#registering-certificate-authentication-user-credentials) with the [Tyk Certificate Store](/api-management/certificates#tyk-certificate-store) and a [Session](/access-control/sessions-and-keys/understanding-sessions) created for each in the temporal storage (Redis) to create the dynamic allow list. This list is dynamic because certificate-linked session objects (and hence clients) can be added to or removed from the list without making any change to the API definition. This is in contrast to the [static allow list](/api-management/implement-tls#using-a-static-client-certificate-allow-list) approach where the list of authorized certificates is stored in the API definition.
+Each client certificate must be [pre-registered](/api-management/authentication/certificate-auth#registering-certificate-authentication-user-credentials) with the [Tyk Certificate Store](/api-management/certificates#tyk-certificate-store) and a [Session](/api-management/access-control/sessions-and-keys/understanding-sessions) created for each in the temporal storage (Redis) to create the dynamic allow list. This list is dynamic because certificate-linked session objects (and hence clients) can be added to or removed from the list without making any change to the API definition. This is in contrast to the [static allow list](/api-management/implement-tls#using-a-static-client-certificate-allow-list) approach where the list of authorized certificates is stored in the API definition.
 
 
 ## Configuring your API to use Certificate Authentication

api-management/authentication/jwt-authorization.mdx

@@ -34,7 +34,7 @@ When a request with a JWT arrives at Tyk Gateway, after the authentication (sign
    - From scope-to-policy mapping
    - From default policies
 
-3. **Update Session**: The [Session](/access-control/sessions-and-keys/understanding-sessions) is updated with the identity and policies.
+3. **Update Session**: The [Session](/api-management/access-control/sessions-and-keys/understanding-sessions) is updated with the identity and policies.
 
 In the following sections, we provide a detailed explanation of each of these steps.