Ory is the largest open source community in the world for cloud software application security. We maintain advanced open source security software solving authentication, authorization, access control, application network security, and delegation. Ory implements a variety of industry and best-practice standards including OAuth 2.0 / OAuth 2.1, OpenID Connect, Zero Trust Networking, Google Zanzibar Policy Framework, FIDO2 U2F, WebAuthn, TOTP, and more.

Ory Community

<@U04UQ68083H> What is the route that should be called to get the public key to read the JWT created by Hydra.

To get the public key for reading the JSON Web Token (JWT) created by Hydra, you should call the `/.well-known/jwks.json` endpoint. The full URL would look like this:  ``` http://$<http://PROJECT_SLUG.projects.oryapis.com/.well-known/jwks.json|PROJECT_SLUG.projects.oryapis.com/.well-known/jwks.json> ```  Replace `$PROJECT_SLUG` with your project's slug. This endpoint will provide you with all the necessary keys.  For example, if you are using the default keys used by Ory, you can use the following `set-id` values:  - `hydra.openid.id-token`: This set contains the keys used for signing OpenID Connect ID Tokens. - `hydra.jwt.access-token`: This set contains the keys used for signing JWT Access Tokens.  You can use these `set-id` values with the JWK endpoints to retrieve, rotate, or otherwise manage these default key sets.  For more details, please refer to the [Ory documentation](<https://www.ory.sh/docs/oauth2-oidc/jwt-access-token#json-web-token-validation>).