Docs: additional explanation for "protect all flows"

[bhaugeea]

Mainly adds additional explanation of post login flows, which are not unique to this extension but highly relevant. This additional information would be helpful for new/prospective users like me. Keycloak's own documentation seems to lack a searchable explanation about how brokering bypasses subsequent authentication flow steps, and not only allows but really requires explicit post login flows.