Error after logging in to Data Preparation: "Oops page.... you are not authorized to see this page. Contact your administrator"

Talend Version       2.1.1 DP
Summary After using the 6.4.1 Installer, and successfully installing TAC, Amazon Web Services Identity and Access Management (IAM), Data Preparation (DP), and other tools, the Data Prep/IAM login page displayed:
Oops page.... you are not authorized to see this page. Contact your administrator
Additional Versions  
Product Data Preparation, IAM, TAC
Component Connection to Data Prep using IAM
Problem Description

After a successful, fresh installation of Talend 6.4.1 TAC, 2.1.1 DP, and IAM using the Installer, you could access the DP/IAM login page. However, after entering the correct credentials, the authentication seems to occur (as you were correctly configured in TAC) but the page displayed the error Oops page.... you are not authorized to see this page. Contact your administrator.


You are defined as a Data Prep user in TAC, and have all the possible roles. TAC, DP, and IAM are all installed on the same machine. Their host names can be either, or company (TAC can be accessed with both).


However, you noticed that in different configuration files, naming is not consistent. In the and files, the fully qualified domain name (FQDN) and the short hostname were both used. In the oidc.log, you accessed TDP with a URI (

Problem root cause

The configured redirect_uris in the tdp_client.json file are:



But not:


That's why IAM complains with an Oops page: the redirect_uri sent by TDP (computed relying on the URL used to access TDP), and the ones configured in the IAM tdp-client.json file don't match.

Solution or Workaround
  1. Add this URI to your tdp-client.json file:

    An example tdp_client.json file might look like this:

     "post_logout_redirect_uris" : [ "http://company:9999", "http://localhost:9999", "" ],
     "grant_types" : [ "authorization_code", "refresh_token", "password" ],
     "scope" : "openid refreshToken",
     "client_secret" : "+1/7vegEOVHeQD9JKmtz8I9s4tgVuRjvidgjijja7efFHro=",
     "redirect_uris" : [ "http://company:9999/signIn", "http://localhost:9999/signIn", "", "" ],
     "client_name" : "TDP DataPrep",
     "client_id" : "64xIVPdioWSog"
  2. Restart IAM. This should resolve the issue.
JIRA ticket number TINSTL-1239
Version history
Revision #:
9 of 9
Last update:
‎04-17-2019 12:53 AM
Updated by: