|Talend Version||2.1.1 DP|
|Summary||After using the 6.4.1 Installer, and successfully installing TAC, Amazon Web Services Identity and Access Management (IAM), Data Preparation (DP), and other tools, the Data Prep/IAM login page displayed:
Oops page.... you are not authorized to see this page. Contact your administrator
|Product||Data Preparation, IAM, TAC|
|Component||Connection to Data Prep using IAM|
After a successful, fresh installation of Talend 6.4.1 TAC, 2.1.1 DP, and IAM using the Installer, you could access the DP/IAM login page. However, after entering the correct credentials, the authentication seems to occur (as you were correctly configured in TAC) but the page displayed the error Oops page.... you are not authorized to see this page. Contact your administrator.
You are defined as a Data Prep user in TAC, and have all the possible roles. TAC, DP, and IAM are all installed on the same machine. Their host names can be either long.company.name.corp.org, or company (TAC can be accessed with both).
However, you noticed that in different configuration files, naming is not consistent. In the iam.properties and application.properties files, the fully qualified domain name (FQDN) and the short hostname were both used. In the oidc.log, you accessed TDP with a URI (http://long.company.name.corp.org:9999/signIn).
|Problem root cause||
The configured redirect_uris in the tdp_client.json file are:
http://company:9999/signIn http://localhost:9999/signIn http://127.0.0.1:9999/signIn
That's why IAM complains with an Oops page: the redirect_uri sent by TDP (computed relying on the URL used to access TDP), and the ones configured in the IAM tdp-client.json file don't match.
|Solution or Workaround||
|JIRA ticket number||TINSTL-1239|