diff --git a/config/clusters/cloudbank/enc-tuskegee.secret.values.yaml b/config/clusters/cloudbank/enc-tuskegee.secret.values.yaml
index 359551d71d..7a15ab59f2 100644
--- a/config/clusters/cloudbank/enc-tuskegee.secret.values.yaml
+++ b/config/clusters/cloudbank/enc-tuskegee.secret.values.yaml
@@ -1,20 +1,20 @@
 jupyterhub:
     hub:
         config:
-            CILogonOAuthenticator:
-                client_id: ENC[AES256_GCM,data:ks6gGT32/DnjnMgVkrWh1nVY9Lvk80mvK6M//5uL/6AWYhxW3FHYkvMSmixRMfYqcRiF,iv:WSFYUm4ltEh9vj62adxOb/emDy62m4QYerbuIDN6cfk=,tag:UO3sKDB5GXX/oM163P31lQ==,type:str]
-                client_secret: ENC[AES256_GCM,data:R775NB/a3joyf9A/w3hbpIvE0bxag05egVCHSayCdvxuqOCcRQ6Hms1+1uSYwF12VAMpKXVp6Idy85lBZA8suTRSivsTENpFgBwBccbNXsdPr5qc7Ow=,iv:/4r4qcOP5e2svftTS9jpk7AGkOs84Lh4r96nWJ355io=,tag:4iBjL7CsY9Di7EcMZ9SdDw==,type:str]
+            GitHubOAuthenticator:
+                client_id: ENC[AES256_GCM,data:D/B4l4MN2CH4QSgINuBgEmmD4Qw=,iv:YxkF9j3TcEz+b9YaaPHKRlvTK65MeVVdyQtVfOCk09o=,tag:5fLzRRrGmBKeo+nL2pUBgA==,type:str]
+                client_secret: ENC[AES256_GCM,data:sh/Kmk5bJ3eZd7Snqs+9mU7Tn3TPRVBu2InnhEN3o8nemSRt7JNO9A==,iv:ZaXb3MzYrG7qyjrg2oavC1g59ezPZkeRarCuv9rMVxI=,tag:A2maLtPiXSVtoHBkjsIKEA==,type:str]
 sops:
     kms: []
     gcp_kms:
         - resource_id: projects/two-eye-two-see/locations/global/keyRings/sops-keys/cryptoKeys/similar-hubs
-          created_at: "2023-03-10T13:50:43Z"
-          enc: CiUA4OM7eHEOrOekx/0qLP0xvvuWwl5t/9vmlpzec0P4cvEA5uWgEkkALQgViL4/5Ji3v+RHapPIcCJmSigcZI86E888/zAM1qHbnk979I+9GjSzEWrty4xtd1jGsRu4v7AakWr+F3cm11NP2Bj9/Q9f
+          created_at: "2024-06-12T18:41:19Z"
+          enc: CiUA4OM7eHwqhJFy+6xXl1Je7s8Pn/WQwcW5Y2GDGWJ2qQuCpZjUEkkAWX/fcaVa8c84el2HghzEdrxx3d9Xr1ofov7RpIF6eszfcSzLfOHK/MjNTT3vwO3EeA6odU3/pNctgC+qJUvful4O3IudJNJJ
     azure_kv: []
     hc_vault: []
     age: []
-    lastmodified: "2023-03-10T13:50:43Z"
-    mac: ENC[AES256_GCM,data:Un7C60hO2h41QDHeMa7ayqmeRwOUjGfPgjwj8dpaZzAZ1DDAbh66YzRFfjN9hppKM0tCRr49ao8NHCLL/uxa5Nwn/ffduRPchP4nbGsO7g1ZsA6CnnbM5Bca7bKXsvzGVTqvKSGdpUxmgBD9MtkZ8VCjl6lecgA5y/W5CiXAK7Q=,iv:xD2xcCTvKdjgHXycIggV5L8o42ZucLG5ZoUj8QjTRQU=,tag:nuVWQV5NBYw4Kea4HtIJtA==,type:str]
+    lastmodified: "2024-06-12T18:41:20Z"
+    mac: ENC[AES256_GCM,data:bkafUdk7aMReWiBDlic517aBv4MSYvHNCw/wWocRLamP7EtiwHiiplRx4ANcpwhrpaA/iHEnYA+/umJYWb2GBbHjuyge2L0NGIgc2LfCKjBvgWyT+3Xw15HMvCMpOWprCljadys9Z/wka7C1fI+BZKZNhYRbz2OMo+9z6TEeb9U=,iv:f0j3wRno0+g5WG95oXHMK0YPE5LcgCFTEByX9whz0HY=,tag:n/h1a1gURUEnEYGa1Q+9XQ==,type:str]
     pgp: []
     unencrypted_suffix: _unencrypted
-    version: 3.7.3
+    version: 3.8.1
diff --git a/config/clusters/cloudbank/tuskegee.values.yaml b/config/clusters/cloudbank/tuskegee.values.yaml
index fcd3225ddd..ba77ff4ffe 100644
--- a/config/clusters/cloudbank/tuskegee.values.yaml
+++ b/config/clusters/cloudbank/tuskegee.values.yaml
@@ -26,48 +26,14 @@ jupyterhub:
   hub:
     config:
       JupyterHub:
-        authenticator_class: cilogon
-      CILogonOAuthenticator:
-        oauth_callback_url: "https://tuskegee.cloudbank.2i2c.cloud/hub/oauth_callback"
-        allowed_idps:
-          http://google.com/accounts/o8/id:
-            default: true
-            username_derivation:
-              username_claim: "email"
-      OAuthenticator:
-        # WARNING: Don't use allow_existing_users with config to allow an
-        #          externally managed group of users, such as
-        #          GitHubOAuthenticator.allowed_organizations, as it breaks a
-        #          common expectations for an admin user.
-        #
-        #          The broken expectation is that removing a user from the
-        #          externally managed group implies that the user won't have
-        #          access any more. In practice the user will still have
-        #          access if it had logged in once before, as it then exists
-        #          in JupyterHub's database of users.
-        #
-        allow_existing_users: True
+        authenticator_class: github
+      GitHubOAuthenticator:
+        oauth_callback_url: https://tuskegee.cloudbank.2i2c.cloud/hub/oauth_callback
+        allowed_organizations:
+          - TU-CSCI-Data8
+        scope:
+          - read:org
       Authenticator:
-        # WARNING: Removing a user from admin_users or allowed_users doesn't
-        #          revoke admin status or access.
-        #
-        #          OAuthenticator.allow_existing_users allows any user in the
-        #          JupyterHub database of users able to login. This includes
-        #          any previously logged in user or user previously listed in
-        #          allowed_users or admin_users, as such users are added to
-        #          JupyterHub's database on startup.
-        #
-        #          To revoke admin status or access for a user when
-        #          allow_existing_users is enabled, first remove the user from
-        #          admin_users or allowed_users, then deploy the change, and
-        #          finally revoke the admin status or delete the user via the
-        #          /hub/admin panel.
-        #
         admin_users:
-          - yasmeen.rawajfih@gmail.com
-          - Wu.fan01@gmail.com
-          - yanlisa@berkeley.edu
-          - deborah_nolan@berkeley.edu
-          - ericvd@berkeley.edu
-          - sean.smorris@berkeley.edu
-          - sean.smorris@gmail.com
+          - sean-morris
+          - rawajfihy