Ory is the largest open source community in the world for cloud software application security. We maintain advanced open source security software solving authentication, authorization, access control, application network security, and delegation. Ory implements a variety of industry and best-practice standards including OAuth 2.0 / OAuth 2.1, OpenID Connect, Zero Trust Networking, Google Zanzibar Policy Framework, FIDO2 U2F, WebAuthn, TOTP, and more.

Ory Community

Hey everyone, question regarding Hydra. I configured Kratos for user identity (login, register, recover, ...) and now finished implementing Hydra to use OAuth2.0 and OIDC capabilities in localhost. My frontend requires the hydra_admin url to talk with the consent and login endpoints. What are the recommendations when moving to a real environment (dev, staging, prod, ..) to contact the hydra_admin api? Should I create an api on top of Hydra or consider using a proxy such as Oathkeeper to manage that? Thanks

Hey Deniz, I dont have much experience with Hydra in production, but maybe this document could help:
<https://www.ory.sh/hydra/docs/next/production>

You should put the admin API behind some gateway for sure. Oathkeeper can be used, but there is probably many other solutions.

Check out how pixie designed it for their use case:
<https://blog.px.dev/open-source-auth/#final-design>