diff --git a/README.md b/README.md
index 17c8d358d67accdf30c7a94bc118f0dec9931751..b6ee66d3930ba7b5a5a2001e01c86807ae712373 100644
--- a/README.md
+++ b/README.md
@@ -60,9 +60,7 @@ Configuration is divided into three sections: `server`, `auth`, and `ssh`.
 - `oauth_client_id` : string. Oauth Client ID.
 - `oauth_client_secret` : string. Oauth secret.
 - `oauth_callback_url` : string. URL that the Oauth provider will redirect to after user authorisation. The path is hardcoded to `"/auth/callback"` in the source.
-
 - `provider_opts` : object. Additional options for the provider.
-- `provider_opts: { domain }` : string. Applies to "google" provider. Only allow users from this Google Apps domain. This is optional but leaving it unset will allow anyone with a Google account to obtain ssh certificates so don't do that.
 
 #### Provider-specific options
 
@@ -75,17 +73,15 @@ Example:
 "auth": {
   "provider": "google",
   "provider_opts" : {
-    "domain": "example.com",
-    "organization": ""
+    "domain": "example.com"
   }
 }
 ```
 
-| Provider |       Option | Notes                                                                                                                                  |   |   |
-|---------:|-------------:|----------------------------------------------------------------------------------------------------------------------------------------|---|---|
-| Google   |       domain | If this is unset then any gmail user can obtain a token.                                                                               |   |   |
-| Github   | organization | If this is unset then any GitHub user can obtain a token. The oauth client and secrets should be issued by the specified organization. |   |   |
-|          |              |                                                                                                                                        |   |   |
+| Provider |       Option | Notes                                                                                                                                  |
+|---------:|-------------:|----------------------------------------------------------------------------------------------------------------------------------------|
+| Google   |       domain | If this is unset then any gmail user can obtain a token.                                                                               |
+| Github   | organization | If this is unset then any GitHub user can obtain a token. The oauth client and secrets should be issued by the specified organization. |
 
 Supported options: