# Global Auth Policy

The Global Auth Policy allows to configure various user login parameters as shown below:

<figure><img src="/files/6NtajUhajoTMMZ0T4gP6" alt=""><figcaption></figcaption></figure>

**Auth Failed Count:** The Auth Failed Count parameter signifies after how many failed login attempts will the user account be locked.

**Unlock after Minutes:** The Unlock after Minutes parameter signifies after how many minutes will a locked account be automatically unlocked.

**Token Expiry Minutes:** The Token Expiry Minutes parameter signifies after how many minutes will the session token expire.

**Refresh Token Expiry Minutes:** The Refresh Token Expiry Minutes parameter signifies after how many minutes will the refresh token expire.

### User Session

Cymmetri allows users to have multiple sessions simulatenously i.e. they can login simulatenously from various locations and keep all the sessions alive. It also provides control to the user to revoke any specific or all the sessions

<figure><img src="/files/w5eRfVjRIIydIbNMiJSX" alt=""><figcaption></figcaption></figure>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://help.cymmetri.io/identity-hub/authentication/global-auth-policy.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.