diff --git a/README.md b/README.md
index 9fec4c7d93f1d5b5cea213037deba953b97a2ac3..f9ae424e4ede7fa04c151210b313742f33815c22 100644
--- a/README.md
+++ b/README.md
@@ -58,10 +58,8 @@ Then to interact with dex, like any other OAuth2 provider, you must first visit
 a client app, then be prompted to login through dex. This can be achieved using
 the following steps:
 
-NOTE: The UIs are extremely bare bones at the moment.
-
 1. Navigate to http://localhost:5555/ in your browser.
 2. Hit "login" on the example app to be redirected to dex.
-3. Choose the "mock" option to login as a predefined user.
+3. Choose the "Login with Email" and enter "admin@example.com" and "password"
 4. Approve the example app's request.
 5. See the resulting token the example app claims from dex.
diff --git a/cmd/example-app/main.go b/cmd/example-app/main.go
index 3e6c700660d42e81257f913e5db4959b89f0d686..9f46f9eda7c41b34a96bd16876698e93e0a539a9 100644
--- a/cmd/example-app/main.go
+++ b/cmd/example-app/main.go
@@ -156,7 +156,7 @@ func cmd() *cobra.Command {
 	c.Flags().StringVar(&a.clientID, "client-id", "example-app", "OAuth2 client ID of this application.")
 	c.Flags().StringVar(&a.clientSecret, "client-secret", "ZXhhbXBsZS1hcHAtc2VjcmV0", "OAuth2 client secret of this application.")
 	c.Flags().StringVar(&a.redirectURI, "redirect-uri", "http://127.0.0.1:5555/callback", "Callback URL for OAuth2 responses.")
-	c.Flags().StringVar(&issuerURL, "issuer", "http://127.0.0.1:5556", "URL of the OpenID Connect issuer.")
+	c.Flags().StringVar(&issuerURL, "issuer", "http://127.0.0.1:5556/dex", "URL of the OpenID Connect issuer.")
 	c.Flags().StringVar(&listen, "listen", "http://127.0.0.1:5555", "HTTP(S) address to listen at.")
 	c.Flags().StringVar(&tlsCert, "tls-cert", "", "X509 cert file to present when serving HTTPS.")
 	c.Flags().StringVar(&tlsKey, "tls-key", "", "Private key for the HTTPS cert.")
diff --git a/examples/config-dev.yaml b/examples/config-dev.yaml
index d771bb7ca9a26e27cdce3ba4a4035813dd9284f6..5f937da47a1fee7bcc479286c44b170de73b9ecb 100644
--- a/examples/config-dev.yaml
+++ b/examples/config-dev.yaml
@@ -1,18 +1,31 @@
-issuer: http://127.0.0.1:5556
+# The base path of dex and the external name of the OpenID Connect service.
+# Clients use this value to do discovery.
+issuer: http://127.0.0.1:5556/dex
+
+# The storage configuration determines where dex stores its state. Supported
+# options include SQL flavors and Kubernetes third party resources.
 storage:
   type: sqlite3
   config:
     file: examples/dex.db
 
+# Configuration for the
 web:
   http: 127.0.0.1:5556
+  # HTTPS options are also supported:
+  # https: 127.0.0.1:5554
+  # tlsCert: /etc/dex/tls.crt
+  # tlsKey: /etc/dex/tls.key
 
-connectors:
-- type: mockCallback
-  id: mock-callback
-  name: Mock
+# Uncomment this block to enable the gRPC API.
+# grpc:
+#   addr: 127.0.0.1:5557
+#   tlsCert: /etc/dex/grpc.crt
+#   tlsKey: /etc/dex/grpc.key
 
 # Instead of reading from an external storage, use this list of clients.
+#
+# If this option isn't choosen clients may be added through the gRPC API.
 staticClients:
 - id: example-app
   redirectURIs:
@@ -20,14 +33,22 @@ staticClients:
   name: 'Example App'
   secret: ZXhhbXBsZS1hcHAtc2VjcmV0
 
-# Let dex keep a list of passwords which can be used to login the user.
+connectors:
+- type: mockCallback
+  id: mock
+  name: Example
+
+# Let dex keep a list of passwords which can be used to login the user
 enablePasswordDB: true
 
 # A static list of passwords to login the end user. By identifying here, dex
-# won't look in its undlying storage for passwords.
+# won't look in its underlying storage for passwords.
+#
+# If this option isn't choosen users may be added through the gRPC API.
 staticPasswords:
 - email: "admin@example.com"
   # bcrypt hash of the string "password"
   hash: "JDJhJDE0JDh4TnlVZ3pzSmVuQm4ySlRPT2QvbmVGcUlnQzF4TEFVRFA3VlpTVzhDNWlkLnFPcmNlYUJX"
   username: "admin"
   userID: "08a8684b-db88-4b73-90a9-3cd1661f5466"
+
diff --git a/examples/config-grpc.yaml b/examples/config-grpc.yaml
deleted file mode 100644
index ee0345eecf04bad8da328debd171ccc7a449483f..0000000000000000000000000000000000000000
--- a/examples/config-grpc.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-issuer: http://127.0.0.1:5556
-storage:
-  type: sqlite3
-  config:
-    file: examples/dex.db
-
-web:
-  http: 127.0.0.1:5556
-
-grpc:
-  addr: 127.0.0.1:5557
-
-connectors:
-- type: mockCallback
-  id: mock-callback
-  name: Mock
-- type: mockPassword
-  id: mock-password
-  name: Password
-  config:
-    username: "admin"
-    password: "PASSWORD"
-
-staticClients:
-- id: example-app
-  redirectURIs:
-  - 'http://127.0.0.1:5555/callback'
-  name: 'Example App'
-  secret: ZXhhbXBsZS1hcHAtc2VjcmV0
diff --git a/examples/config.yaml b/examples/config.yaml
deleted file mode 100644
index 268d0bd6dc6382198f5ceee31ed0ebbb1f5f8f11..0000000000000000000000000000000000000000
--- a/examples/config.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-issuer: http://127.0.0.1:5556
-storage:
-  type: kubernetes
-
-web:
-  http: 127.0.0.1:5556
-
-connectors:
-- type: mock
-  id: mock
-  name: Mock
-
-- type: github
-  id: github
-  name: GitHub
-  config:
-    clientID: "$GITHUB_CLIENT_ID"
-    clientSecret: "$GITHUB_CLIENT_SECRET"
-    redirectURI: http://127.0.0.1:5556/callback/github
-    org: kubernetes