diff --git a/README.md b/README.md
index eb88d93..a0d208e 100644
--- a/README.md
+++ b/README.md
@@ -25,6 +25,9 @@ tag, or opt-in to [use a full Git commit SHA] and Dependabot.
 
 ### Trusted publishing
 
+> [!NOTE] Trusted publishing does not support reusable workflows at this time,
+> please use a username/token instead.
+
 > [!NOTE]
 > Trusted publishing is sometimes referred to by its
 > underlying technology -- OpenID Connect, or OIDC for short.
diff --git a/oidc-exchange.py b/oidc-exchange.py
index fb1df00..0ac8f8b 100644
--- a/oidc-exchange.py
+++ b/oidc-exchange.py
@@ -71,6 +71,9 @@ If a claim is not present in the claim set, then it is rendered as `MISSING`.
 * `repository_owner_id`: `{repository_owner_id}`
 * `job_workflow_ref`: `{job_workflow_ref}`
 * `ref`: `{ref}`
+
+See https://docs.pypi.org/trusted-publishers/troubleshooting/ for more help
+
 """
 
 # Rendered if the package index's token response isn't valid JSON.