As sixth-generation (6G) cellular networks emerge, promising unparalleled connectivity and capabilities, yet it amplifies concerns regarding security vulnerabilities. These networks include a broader array of devices and sensors compared to earlier generations, increasing the potential for attackers to exploit weaknesses. Existing security frameworks contribute to safeguarding enterprises against external threats that originate beyond the network perimeter. These frameworks operate under the assumption that all entities inside the defined perimeters are reliable, and their primary objective is to authorize access to resources based on assigned roles and permissions. However, this strategy could be more effective today since attacks might originate from any source, including within the network perimeter. To address this issue, a zero-trust architecture (ZTA) could be a potential solution that assumes neither users nor devices can be inherently trusted, and it consistently evaluates potential risks to decide whether to allow access to resources. This article will explore the zero-trust approach and its significance in contemporary network security. We describe the role of authentication and access control in ZTA and present an in-depth discussion of state-of-the-art authentication and access control techniques in different scenarios. This article examines the applicability of the zero-trust concept in 6G networks and analyzes the associated challenges and opportunities. This article also examines case studies demonstrating the practical application of the zero trust paradigm in 6G or comparable networks. It explores the research scope and tries to identify relevant research gaps in this area.