Token Exchange refused Error

Many thanks @dsmith, your detailed post has been extremely helpful. It helped me to setup self signed certs.

I was still unable to access the console and the Forbidden Token exchange refused is raised again and again. Below are the logged errors when I request the host url.

stack_1     |   INFO Client error                             duration=2ms http.method=GET http.path=/console/api/auth/token http.status=401 namespace=web peer.address=10.2.80.77:60957 request_id=01ES4FK2W7YAHGC27QCKS11KHP

stack_1     |   INFO Client error                             duration=1.4ms http.method=GET http.path=/oauth/api/me http.status=401 namespace=web peer.address=10.2.80.77:60957 request_id=01ES4FK4BN25BMEWQ2BG5BTYZT

stack_1     |   INFO Client error                             duration=2m10.5133s http.method=GET http.path=/console/oauth/callback http.status=403 namespace=web peer.address=10.2.80.77:60957 request_id=01ES4FK9R35TJDG1YNGS7VKZNV

stack_1     |   INFO Client error                             duration=1.2ms http.method=GET http.path=/console/api/auth/token http.status=401 namespace=web peer.address=10.2.80.77:60957 request_id=01ES4FQDHR83CJ4A50R4582X06

Finally, got to understand this as a hostname resolution or DNS issue which the result of running running a vm within a vm. As I am running the TTN docker images within my ubuntu 18.04 vm. Resolved this by adding to the ubuntu 18.04 VM’s /etc/hosts file, the host IP address and domain name values.

e.g.
10.101.31.123 mydomain.com

Good to hear you got it all running in the end. Likewise, I was having issues with stacked VMs so I ended up just running docker directly in windows (rather than in a ubuntu vm) to get it working. The stacked VMs are a pain, but glad to see you’ve worked out a way around that.

There was some further discussion between benolayinka and myself in the other thread on self-signed certs, and benolayinka is updating the docs with the missing instructions.