Misc (#807)

* tip - export format when uploading to a new account

* update on premise - cron example

* note on failed pin attempts

* strike email requirement for self-host licensing

* FAQ item on changing sp entity id, acs, callback path, etc.

* tips on --apikey for CLI in SSO required organizations

* issue 804

_articles/miscellaneous/cli.md

@@ -175,6 +175,10 @@ bw login --apikey
 
 This will initiate a prompt for your personal `client_id` and `client_secret`. Once your session is authenticated using these values, you can use the `unlock` command ([learn more](#unlock)).
 
+{% callout success %}
+If your Organization [requires SSO]({{site.baseurl}}/article/policies/#single-sign-on-authentication), you can still use `--apikey` to log in to the CLI.
+{% endcallout %}
+
 #### Using API Key Environment Variables
 
 In scenarios where automated work is being done with the Bitwarden CLI, you can save environment variables to prevent the need for manual intervention at authentication.
@@ -194,6 +198,10 @@ bw login --sso
 
 This will initiate the [SSO authentication flow]({{site.baseurl}}/article/using-sso/#login-using-sso) in your web browser. Once your session is authenticated, you can use the `unlock` command ([learn more](#unlock)).
 
+{% callout success %}
+If your Organization [requires SSO]({{site.baseurl}}/article/policies/#single-sign-on-authentication), you may alternatively use `--apikey` to log in to the CLI.
+{% endcallout %}
+
 ## Unlock
 
 [Using an API Key](#using-an-api-key) or [SSO](#using-sso) to log in will require you to follow-up the `login` command with an explicit `bw unlock` if you will be working with Vault data directly.