# Reference

- [APIs](/reference/apis.md): Authgear exposes APIs for developers to manage their applications programmatically
- [Admin API](/reference/apis/admin-api.md): The Admin API allows your server to manage users via a GraphQL endpoint.
- [Authentication and Security](/reference/apis/admin-api/authentication-and-security.md): The Admin API is protected by cryptographic keys. Learn how to generate a valid JWT to authorize your request in this article.
- [API Schema](/reference/apis/admin-api/api-schema.md)
- [API Queries and Mutations](/reference/apis/admin-api/api-queries-and-mutations.md): In this section of the Authgear documentation, you'll learn about all the GraphQL queries and mutations the Admin API supports.
- [Using global node IDs](/reference/apis/admin-api/using-global-node-ids.md)
- [Retrieving users using Admin API](/reference/apis/admin-api/retrieving-users-using-admin-api.md): Overview and examples for the getUser/getUsers queries
- [API Examples](/reference/apis/admin-api/api-examples.md): Learn how to perform common actions from the examples
- [Generate OTP code](/reference/apis/admin-api/api-examples/generate-otp-code.md)
- [Search for users](/reference/apis/admin-api/api-examples/search-for-users.md)
- [Update user's picture](/reference/apis/admin-api/api-examples/update-users-picture.md)
- [Update user's standard attributes](/reference/apis/admin-api/api-examples/update-users-standard-attributes.md)
- [Authentication Flow API](/reference/apis/authentication-flow-api.md): API reference detailing all endpoints, inputs and results supported by the Authentication Flow API.
- [OAuth 2.0 and OpenID Connect (OIDC)](/reference/apis/oauth-2.0-and-openid-connect-oidc.md): Reference for configurations and endpoints in the industry-standard protocols OAuth 2.0 or OpenID Connect.
- [Supported Scopes](/reference/apis/oauth-2.0-and-openid-connect-oidc/supported-scopes.md): Details about the OAuth 2.0 Scopes Authgear supports
- [UserInfo](/reference/apis/oauth-2.0-and-openid-connect-oidc/userinfo.md): Complete list of information in the UserInfo endpoint response.
- [User Import API](/reference/apis/user-import-api.md): API Reference for the  User Import API that developers can use to bulk import users from another system to their Authgear project.
- [User Export API](/reference/apis/user-export-api.md): API Reference for the User Export API
- [Tokens](/reference/tokens.md): Description of what's in Authgear's JWT access token and UserInfo endpoint response.
- [JWT Access Token](/reference/tokens/jwt-access-token.md): Claims in JWT Access Token
- [Refresh Token](/reference/tokens/refresh-token.md): Learn about refresh token, how to get a refresh token and how to use it to get a new access token.
- [M2M Tokens](/reference/tokens/m2m-tokens.md)
- [Rate Limits](/reference/rate-limits.md): Learn about the rate limits for different services and resources.
- [Account Lockout](/reference/rate-limits/account-lockout.md): Learn about default way account lockout works, and how to customise lockout limits
- [Glossary](/reference/glossary.md): Definitions of the most common technical terms you will come across while working with Authgear and implementing user authentication to your application.
- [Billing FAQ](/reference/billing-faq.md): Frequently asked questions on how billing works on Authgear