diff --git a/website/content/docs/commands/auth/tune.mdx b/website/content/docs/commands/auth/tune.mdx
index 3fc4a6073..6383ec108 100644
--- a/website/content/docs/commands/auth/tune.mdx
+++ b/website/content/docs/commands/auth/tune.mdx
@@ -72,8 +72,9 @@ flags](/docs/commands) included on all commands.
 
 - `-max-lease-ttl` `(duration: "")` - The maximum lease TTL for this auth
   method. If unspecified, this defaults to the Vault server's globally
-  configured maximum lease TTL, or a previously configured value for the auth
-  method.
+  configured [maximum lease TTL](/docs/configuration#max_lease_ttl), or a
+  previously configured value for the auth method. This value is allowed to
+  override the server's global max TTL; it can be longer or shorter.
 
 - `-passthrough-request-headers` `(string: "")` - request header values that will
   be sent to the auth method. Note that multiple keys may be
diff --git a/website/content/docs/commands/secrets/tune.mdx b/website/content/docs/commands/secrets/tune.mdx
index f44134f53..96679d1e1 100644
--- a/website/content/docs/commands/secrets/tune.mdx
+++ b/website/content/docs/commands/secrets/tune.mdx
@@ -79,8 +79,9 @@ flags](/docs/commands) included on all commands.
 
 - `-max-lease-ttl` `(duration: "")` - The maximum lease TTL for this secrets
   engine. If unspecified, this defaults to the Vault server's globally
-  configured maximum lease TTL, or a previously configured value for the secrets
-  engine.
+  configured [maximum lease TTL](/docs/configuration#max_lease_ttl), or a
+  previously configured value for the secrets engine. This value is allowed to
+  override the server's global max TTL; it can be longer or shorter.
 
 - `-passthrough-request-headers` `(string: "")` - request header values that will
   be sent to the secrets engine. Note that multiple keys may be
diff --git a/website/content/docs/configuration/index.mdx b/website/content/docs/configuration/index.mdx
index fb66eee3a..2a2004062 100644
--- a/website/content/docs/configuration/index.mdx
+++ b/website/content/docs/configuration/index.mdx
@@ -136,7 +136,10 @@ to specify where the configuration is.
 
 - `max_lease_ttl` `(string: "768h")` – Specifies the maximum possible lease
   duration for tokens and secrets. This is specified using a label
-  suffix like `"30s"` or `"1h"`.
+  suffix like `"30s"` or `"1h"`. Individual mounts can override this value
+  by tuning the mount with the `max-lease-ttl` flag of the
+  [auth](/docs/commands/auth/tune#max-lease-ttl) or
+  [secret](/docs/commands/secrets/tune#max-lease-ttl) commands.
 
 - `default_max_request_duration` `(string: "90s")` – Specifies the default
   maximum request duration allowed before Vault cancels the request. This can