What is the difference between oathkeep and hydra’s .well-know/jwks.json endpoint? Is it the same? If oathkeeper and hydra are used at the same time, do they need to be exposed(public) in different paths?
Depends on your use case 
They both provide the cryptographic keys necessary to verify ID Tokens or other JWTs.