diff --git a/docs/hub-deployment-guide/configure-auth/cilogon.md b/docs/hub-deployment-guide/configure-auth/cilogon.md
index 6a559f4ff2..f805d9f410 100644
--- a/docs/hub-deployment-guide/configure-auth/cilogon.md
+++ b/docs/hub-deployment-guide/configure-auth/cilogon.md
@@ -60,27 +60,30 @@ To get the value of the key that must go in the `allowed_idp` dict for a specifi
 
 ```yaml
 jupyterhub:
+  custom:
+    2i2c:
+      add_staff_user_ids_to_admin_users: true
+      add_staff_user_ids_of_type: google
   hub:
     config:
       JupyterHub:
         authenticator_class: cilogon
       CILogonOAuthenticator:
         oauth_callback_url: https://{{ HUB_DOMAIN }}/hub/oauth_callback
-        # Google and ANU's are configured as the hubs identity providers (idps)
         allowed_idps:
-          http://google.com/accounts/o8/id:
-            username_derivation:
-              # Use the email as the hub username
-              username_claim: "email"
-            # Authorize any user with a @2i2c.org email in this idp
-            allowed_domains:
-              - "2i2c.org"
+          # Community specific idp - enables community members to authenticate.
+          # In this example, all authenticated users are authorized via the idp
+          # specific allow_all config.
           https://idp2.anu.edu.au/idp/shibboleth:
             username_derivation:
-              # Use the email as the hub username
-              username_claim: "email"
-            # Authorize all users in this idp
-            allow_all: true
+              username_claim: email
+            allow_all: true # authorize all users authenticated by the idp
+          # Google (or GitHub) idp - enables 2i2c admin users to authenticate.
+          # The basehub chart config "custom.2i2c.add_staff_user_ids..." expands
+          # admin_users to authorize specific 2i2c staff members.
+          http://google.com/accounts/o8/id:
+            username_derivation:
+              username_claim: email
       Authenticator:
         admin_users:
           - admin@anu.edu.au
diff --git a/docs/hub-deployment-guide/configure-auth/github-orgs.md b/docs/hub-deployment-guide/configure-auth/github-orgs.md
index 77d4483fbd..6e58d14d32 100644
--- a/docs/hub-deployment-guide/configure-auth/github-orgs.md
+++ b/docs/hub-deployment-guide/configure-auth/github-orgs.md
@@ -73,6 +73,10 @@ You can remove yourself from the org once you have confirmed that login is worki
 
     ```yaml
     jupyterhub:
+      custom:
+        2i2c:
+          add_staff_user_ids_to_admin_users: true
+          add_staff_user_ids_of_type: github
       hub:
         config:
           JupyterHub:
@@ -80,7 +84,6 @@ You can remove yourself from the org once you have confirmed that login is worki
           GitHubOAuthenticator:
             oauth_callback_url: https://{{ HUB_DOMAIN }}/hub/oauth_callback
             allowed_organizations:
-              - 2i2c-org
               - ORG_NAME
             scope:
               - read:user
@@ -90,6 +93,10 @@ You can remove yourself from the org once you have confirmed that login is worki
 
     ```yaml
     jupyterhub:
+      custom:
+        2i2c:
+          add_staff_user_ids_to_admin_users: true
+          add_staff_user_ids_of_type: github
       hub:
         config:
           JupyterHub: