KEYCLOAK-7471 Improve adapter documentation for parameters-forwarding and prompt

securing_apps/topics/oidc/java/params_forwarding.adoc

@@ -19,7 +19,11 @@ The supported parameters are:
 
 * scope
 
-* prompt
+* prompt - {project_name} supports these settings:
+** `login` - SSO will be ignored and the {project_name} login page will be always shown, even if the user is already authenticated
+** `none` - The login page will never be shown; instead the user will be redirected to the application, with an error if the user
+is not yet authenticated. This setting allows you to create a filter/interceptor on the application side and show a custom error page
+to the user. See more details in the specification.
 
 * max_age
 
@@ -30,3 +34,7 @@ The supported parameters are:
 Most of the parameters are described in the http://openid.net/specs/openid-connect-core-1_0.html#AuthorizationEndpoint[OIDC specification].
 The only exception is parameter `kc_idp_hint`, which is specific to {project_name} and contains the name of the identity provider to automatically use.
 For more information see the `Identity Brokering` section in link:{adminguide_link}[{adminguide_name}].
+
+WARNING: If you open the URL using the attached parameters, the adapter will not redirect you to {project_name} if you are already authenticated
+in the application. For example, opening $$http://myappserver/mysecuredapp?prompt=login$$ will not automatically redirect you to
+the {project_name} login page if you are already authenticated to the application `mysecredapp` . This behavior may be changed in the future.