Based on the knowledge sources provided, I don't have enough specific information to definitively answer whether the feature_flags listed in .schema/config.schema.json in the Ory/Hydra repository are actually used within the repository. The documents don't contain direct references to this specific schema file or its usage within the Hydra codebase. However, I can provide some general insights about Ory's configuration system that might be relevant: 1. Ory uses JSON Schemas to define configuration layouts, as mentioned in the [Configuration Types documentation](https://www.ory.sh/docs/ecosystem/configuring#configuration-types). 2. Feature flags are used in Ory products to enable or disable certain features. For example, the [Edge Sessions documentation](https://www.ory.sh/docs/concepts/cache#configuration) mentions using a feature flag to enable Edge Sessions. 3. Configuration can be loaded from various sources, including files (YAML and JSON) and environment variables, as explained in the [Configuration documentation](https://www.ory.sh/docs/ecosystem/configuring). Given this information, it's possible that the feature_flags in the config.schema.json file are used to define possible configuration options, even if they're not directly referenced in the code. They might be used by the configuration system to validate user-provided configurations or to set default values. To get a definitive answer, you might want to: 1. Check if these flags are used in other parts of the configuration system. 2. Look for any documentation specific to these feature flags. 3. Ask about this specific file and its usage in the [Ory Community Slack](https://www.ory.sh/chat) or [ORY Hydra GitHub Discussions](https://github.com/ory/hydra/discussions), as suggested in the [OAuth2 for Mobile Apps and Single Page Apps documentation](https://www.ory.sh/oauth2-for-mobile-app-spa-browser/#open-source-and-other-resources).

To check if the configuration values, specifically the SECRETS_SYSTEM, are properly reflected after starting Hydra, you have a few options based on the information provided in the knowledge sources: 1. Health Check Endpoint: You can use the health check endpoint to verify if Hydra is running correctly with its configuration. As mentioned in the [Deploy to production documentation](https://www.ory.sh/docs/hydra/self-hosted/deploy-hydra-example#install-and-configure-nginx), you can access the health check endpoint:

<https://your-domain.com/health/ready?secret=YOUR-SECRET>

Replace "your-domain.com" with your actual domain and "YOUR-SECRET" with the secret you've set for accessing the admin API. 2. Admin API: The Admin API provides endpoints that can give you information about the system's configuration. However, for security reasons, it's unlikely that you'll be able to directly retrieve the SECRETS_SYSTEM value. 3. Indirect Verification: Since SECRETS_SYSTEM is used for encrypting data at rest and signing tokens, you could indirectly verify its correct application by: - Creating a client - Generating a token - Verifying the token If these operations succeed, it's a good indication that the SECRETS_SYSTEM is correctly set. 4. Logs: Check the Hydra logs after startup. While it won't show the actual SECRETS_SYSTEM value for security reasons, it might indicate if there were any issues loading the configuration. 5. Configuration Dump: You might be able to use the

hydra

CLI to dump the current configuration. However, sensitive values like SECRETS_SYSTEM are typically not displayed in plain text. It's important to note that for security reasons, Hydra doesn't provide a direct way to view the SECRETS_SYSTEM value after it's been set. The [Security Architecture documentation](https://www.ory.sh/docs/hydra/security-architecture) emphasizes that Hydra is designed with security in mind, including the principle of "No Cleartext Storage of Credentials". If you need to verify the exact value of SECRETS_SYSTEM, the safest approach would be to check your environment variables or configuration files before starting Hydra, rather than trying to retrieve it from a running instance. For more detailed information on configuration and security practices, you can refer to the [Configuration documentation](https://www.ory.sh/docs/ecosystem/configuring) and the [Security Architecture overview](https://www.ory.sh/docs/hydra/security-architecture).