DEVDOCS-6342: [update] add error message (#894)

<!-- Ticket number or summary of work -->
# [DEVDOCS-6342]


## What changed?
Added error message

## Release notes draft
<!-- Provide an entry for the release notes using simple, conversational
language. Don't be too technical. Explain how the change will benefit
the merchant and link to the feature.

Examples:
* The newly-released [X feature] is now available to use. Now, you’ll be
able to [perform Y action].
* We're happy to announce [X feature], which can help you [perform Y
action].
* [X feature] helps you to create [Y response] using the [Z query
parameter]. Now, you can deliver [ex, localized shopping experiences for
your customers].
* Fixed a bug in the [X endpoint]. Now the [Y field] will appear when
you click [Z option]. -->
* 

## Anything else?
<!-- Add related PRs, salient notes, additional ticket numbers, etc. -->

ping {names}


[DEVDOCS-6342]:
https://bigcommercecloud.atlassian.net/browse/DEVDOCS-6342?atlOrigin=eyJpIjoiNWRkNTljNzYxNjVmNDY3MDlhMDU5Y2ZhYzA5YTRkZjUiLCJwIjoiZ2l0aHViLWNvbS1KU1cifQ

Author: bc-traciporter

docs/start/authentication/graphql-storefront.mdx

@@ -86,7 +86,11 @@ There are two options to obtain a customer access token.
 Enter your user email and password to use the login mutation. When using the login mutation in a server-to-server context, the mutation will return a customer access token in response to login actions as part of the GraphQL body instead of a cookie header. From there, you can store the customer access token in the presentation layer's session management system and send it with future GraphQL requests. If the login mutation request is from a browser, we will not return the customer access token in the body, and will instead set a cookie. 
 
 <Callout type="info">
-Use the [Create a Token](/docs/rest-authentication/tokens#create-a-token) endpoint to generate the storefront bearer token needed to run the login mutation call. If you still have issues creating a customer access token, we recommend clearing your cookies to resolve any loading issues. 
+* Use the [Create a Token](/docs/rest-authentication/tokens#create-a-token) endpoint to generate the storefront bearer token needed to run the login mutation call.
+* If you request a customer access token in wrong communication context, you will receive the following error: 
+    ***Customer access token was requested in the body, but it's only returned for server-to-server requests. For browser requests it's set as an httpOnly cookie instead.***
+
+* If you still have issues creating a customer access token, we recommend clearing your cookies to resolve any loading issues. 
 </Callout>
 
 <Tabs items={['Request', 'Response']}>
@@ -142,6 +146,7 @@ mutation Login($email: String!, $pass: String!) {
 </Tab>
 </Tabs>
 
+
 ###### Login with a JWT
 
 The second option is to use the `loginWithCustomerLoginJwt` mutation to pass your customer JSON web token instead of the user's email and password. In this scenario, you will generate a JWT that contains key information in the payload for the login to be successful. You will use this JWT in the login mutation to receive a customer access token.