Port 4101, Kratos IAM (admin)

Role: Admin API

Exposure: host-bound (firewall to localhost)

Purpose

Employee identity CRUD.

Security

This port must be blocked at the host firewall from the internet. Only Caddy (ports 80/443) is publicly reachable.

Verify exposure

# From outside the VPS
nmap -p 4101 <vps-ip>
# Expected: filtered / closed

Related

• Operate, Network topology
• Reference, Ports