README.md in nulogy_sso-0.2.0 vs README.md in nulogy_sso-0.3.0

@@ -28,19 +28,24 @@
 get "logout", to: redirect("sso/logout")
 ```
 
 The engine now needs to be configured. First create a YAML config file, perhaps named `config/auth_sso.yml`, to configure your app's Auth0 settings. This assumes that the necessary Auth0 applications have been created in the correct Auth0 tenants. The [CPI auth_sso.yml file](https://github.com/nulogy/Common-Platform-Interface/blob/master/config/auth_sso.yml) is a good starting place.
 
-With that available, you can configure the engine with an initializer file. This is where _NulogySSO_ can be customized according to your application's needs. Put this code into `config/initializers/nulogy_sso.rb`, with the appropriate modifications implemented:
+With that available, you can configure the engine with an initializer file. This is where _NulogySSO_ can be customized according to your application's needs. Put the below code into `config/initializers/nulogy_sso.rb`, with the appropriate modifications implemented. For `auth_config`, refer to [nulogy_sso.rb](lib/nulogy_sso.rb) for a list of required keys and [auth_sso.yml](spec/dummy/config/auth_sso.yml) for an example config file.
 
 ```ruby
-# Compiles config/auth_sso.yml into a Ruby object
+# Compiles config/auth_sso.yml into a Ruby object. An error is thrown if required keys are missing.
+# See lib/nulogy_sso.rb for required keys.
 NulogySSO.auth_config = Rails::Application.config_for(:auth_sso)
-# Return the user matching the provided email
+
+# Return the user matching the provided email, or nil if not found.
 NulogySSO.find_user_by_email = ->(email) { nil } 
-# Return a boolean to indicate if the Auth0 user is valid for this app, or true if this step is not necessary
-NulogySSO.validate_user = ->(user) { true } 
+
+# Handle errors from the SSO authentication flow, according to the app's design.
+# This includes internal errors from the Auth0 gem (ie, token signature mismatch) and no user from the app DB matching the email from the JWT.
+# The controller is passed as an argument to give the handler access to the "controller context", which is useful for tasks such as rendering a view.
+NulogySSO.handle_sso_error = ->(controller) { } 
 ```
 
 The app is now ready to authenticate a user with Auth0! With NulogyAuth and Auth0, the user's identity is maintained across requests (and apps!) via a [JWT](https://auth0.com/docs/jwt) stored as a browser cookie. Add this code to the `ApplicationController`:
 
 ```ruby
@@ -49,11 +54,11 @@
   before_action :authenticate_sso_user
   # ...
 end
 ```
 
-As an added bonus, NulogySSO also emulates the common Devise pattern of making the current User's user model object available via `current_user`. This is made available through inclusion of `ControllerHelper`.
+As an added bonus, NulogySSO also emulates the common Devise pattern of making the current User's user model object available via `current_user`. This is made available through including `ControllerHelper`.
 
 ## Development
 
 ### Setup
 
@@ -86,5 +91,6 @@
 
 * Parameterize app name for error page
 * Buildkite pipeline
 * Rubocop
 * Rake install task (ie, generate required files automatically, instead of requiring a heavy amount of manual work to integrate nulogy_sso into a Rails app)
+* Add additional hooks, as necessitated by unique use cases for new apps using this engine