That could easily just be a different link, like the "Forgot password" link, presented at the main login page. You wouldn't interact with it normally, and thus it'd never interrupt your typical logon flow, but it'd be there when you need it.

I'm still not really sure what purpose this two-step login is solving, though, as typically every time I use an SSO it's by clicking on a button like "Log in through Facebook" or "Log in through Google", before I'm ever even asked to enter a username. Why do they need to know the username? They'll know that when I log in using the SSO provider.