open-vault/website/content/docs/commands/auth/tune.mdx

---
layout: docs
page_title: auth tune - Command
sidebar_title: <code>tune</code>
description: |-
  The "auth tune" command tunes the configuration options for the auth method at
  the given PATH.
---

# auth tune

The `auth tune` command tunes the configuration options for the auth method at
the given PATH. **The argument corresponds to the PATH where the auth method is
enabled, not the TYPE!**

## Examples

Tune the default lease for the auth method enabled at "github/":

```shell-session
$ vault auth tune -default-lease-ttl=72h github/
Success! Tuned the auth method at: github/
```

Specify multiple audit non-hmac request keys:

```shell-session
$ vault auth tune -audit-non-hmac-request-keys=value1 -audit-non-hmac-request-keys=value2 github/
```

## Usage

The following flags are available in addition to the [standard set of
flags](/docs/commands) included on all commands.

- `-audit-non-hmac-request-keys` `(string: "")` - Key that will not be HMAC'd
  by audit devices in the request data object. Note that multiple keys may be
  specified by providing this option multiple times, each time with 1 key.

- `-audit-non-hmac-response-keys` `(string: "")` - Key that will not be HMAC'd
  by audit devices in the response data object. Note that multiple keys may be
  specified by providing this option multiple times, each time with 1 key.

- `-default-lease-ttl` `(duration: "")` - The default lease TTL for this auth
  method. If unspecified, this defaults to the Vault server's globally
  configured default lease TTL, or a previously configured value for the auth
  method.

- `-max-lease-ttl` `(duration: "")` - The maximum lease TTL for this auth
  method. If unspecified, this defaults to the Vault server's globally
  configured maximum lease TTL, or a previously configured value for the auth
  method.