Update README with new anti-lockout feature

psignoret · psignoret · commit ea9527f0bf1c · 2017-08-21T01:25:55.000+02:00
diff --git a/README.md b/README.md
@@ -195,3 +195,9 @@ Users are matched by their email in WordPress, and WordPress roles are dictated
 ### Refreshing the OpenID Connect configuration cache
 
 Most of the OpenID Connect endpoints and configuration (e.g. signing keys, etc.) are obtained from the OpenID Connect configuration endpoint. These values are cached for one hour, but can always be forced to re-load by adding `aadsso_reload_openid_config=1` to the query string in the login page. (This shouldn't really be needed, but it has shown to be useful during development.)
+
+### Bypassing automatic redirect to Azure AD to prevent lockouts
+
+If you've configured this plugin to automatically redirect to Azure AD for sign-in, but something is misconfigured, you may find yourself locked out of your site's admin dashboard.
+
+To log in to your site *without* automatically redirecting to Azure AD (thus giving you an opportunity to enter a regular username and password), you can append `?aadsso_no_redirect=please` to the login URL. For example, if your login URL is `https://example.com/wp-login.php`, navigating to `https://example.com/wp-login.php?aadsso_no_redirect=please` will prevent any automatic redirects.
