To access the public and admin endpoints of Ory Hydra running in Docker from your host machine, you need to expose the appropriate ports when running the Docker container. Here's how you can do it: 1. For the public endpoint (typically port 4444):

-p 9000:4444

2. For the admin endpoint (typically port 4445):

-p 9001:4445

These port mappings are included in the Docker run command as shown in this example from the [Ory documentation](https://www.ory.sh/run-oauth2-server-open-source-api-security/#configure-the-ory-hydra-oauth2-server-and-openid-connect-provider):

docker run -d \   --name ory-hydra-example--hydra \   --network hydraguide \   -p 9000:4444 \   -p 9001:4445 \   -e SECRETS_SYSTEM=$SECRETS_SYSTEM \   -e DSN=$DSN \   -e URLS_SELF_ISSUER=<http://127.0.0.1:9000/> \   -e URLS_CONSENT=<http://127.0.0.1:9020/consent> \   -e URLS_LOGIN=<http://127.0.0.1:9020/login> \   oryd/hydra:v2.0.1 serve all --dev

With this configuration: - The public API will be accessible on your host machine at

<http://127.0.0.1:9000>

- The admin API will be accessible on your host machine at

<http://127.0.0.1:9001>

You can verify that the server is running by checking the health endpoint:

curl <http://127.0.0.1:9001/health/ready>

This should return

{"status":"ok"}

if Hydra is running correctly [as shown in the documentation](https://www.ory.sh/run-oauth2-server-open-source-api-security/#configure-the-ory-hydra-oauth2-server-and-openid-connect-provider). Remember that in a production environment, you should secure these endpoints appropriately, especially the admin API, which should not be exposed to the public internet without proper security measures [as advised in the Ory documentation](https://www.ory.sh/docs/hydra/self-hosted/production#exposing-administrative-and-public-api-endpoints).

Based on the information you've provided, it seems you're already correctly exposing the Ory Hydra ports using Docker Compose. Let's break this down:

yaml ports:   - "4444:4444" # Public port   - "4445:4445" # Admin port

This configuration in your

docker-compose.yml

file is correct and follows the recommended setup for Ory Hydra. Here's what it means: 1. `"4444:4444"`: This maps the container's port 4444 (Hydra's public API) to port 4444 on your host machine. 2. `"4445:4445"`: This maps the container's port 4445 (Hydra's admin API) to port 4445 on your host machine. With this setup, you should be able to access: - The public API at

<http://localhost:4444>

- The admin API at

<http://localhost:4445>

This configuration aligns with the [Ory Hydra documentation](https://www.ory.sh/docs/hydra/self-hosted/configure-deploy#deploy-ory-hydra), which mentions: "The OAuth 2.0 client uses port

4444

and

4445

. The former is Ory Hydra's public endpoint, the latter its administrative endpoint." To verify that Hydra is running and accessible, you can check the health endpoint:

curl <http://localhost:4445/health/ready>

This should return

{"status":"ok"}

if Hydra is running correctly. Remember, in a production environment, you should ensure that the admin API (4445) is not exposed to the public internet without proper security measures, as advised in the [Ory documentation](https://www.ory.sh/docs/hydra/self-hosted/production#exposing-administrative-and-public-api-endpoints).