TNN Console refusing token exchange

Hi All, I m trying to install TTN stack and managed to load the console screen using the files described below but every-time the TTN Console is not working properly. It is always showing “Forbidden” - [Token exchange refused].

The docker-compose.yml

version: '3.7'
services:

  # If using CockroachDB:
  cockroach:
    image: cockroachdb/cockroach:latest
    command: start --http-port 26256 --insecure
    restart: unless-stopped
    volumes:
      - ./data/cockroach:/cockroach/cockroach-data
    ports:
      - "159.65.159.245:26257:26257" # Cockroach
      - "159.65.159.245:26256:26256" # WebUI
  redis:
    image: redis:latest
    command: redis-server --appendonly yes
    restart: unless-stopped
    volumes:
      - ./data/redis:/data
    ports:
      - "159.65.159.245:6379:6379"

  stack:
    image: thethingsnetwork/lorawan-stack:latest
    entrypoint: ttn-lw-stack -c /config/ttn-lw-stack.yml
    command: start
    restart: unless-stopped
    depends_on:
      - redis
      # If using CockroachDB:
      - cockroach
      # If using PostgreSQL:
      # - postgres
    volumes:
      - ./blob:/srv/ttn-lorawan/public/blob
      - ./config/stack:/config:ro
      # If using Let's Encrypt:
      - ./acme:/var/lib/acme
    environment:
      TTN_LW_BLOB_LOCAL_DIRECTORY: /srv/ttn-lorawan/public/blob
      TTN_LW_REDIS_ADDRESS: redis:6379
      # If using CockroachDB:
      TTN_LW_IS_DATABASE_URI: 
    postgres://root@cockroach:26257/ttn_lorawan?sslmode=disable
      
    ports:
      # If deploying on a public server:
      # - "80:1885"
      # - "443:8885"
      - "1881:1881"
      - "8881:8881"
      - "1882:1882"
      - "8882:8882"
      - "1883:1883"
      - "8883:8883"
      - "1884:1884"
      - "8884:8884"
      - "1885:1885"
      - "8885:8885"
      - "1887:1887"
      - "8887:8887"
      - "1700:1700/udp"

The ttn-lw-stack.ymlb

is:
  # Email configuration for "thethings.example.com"
  email:
    sender-name: 'The Things Stack'
    sender-address: 'noreply@thethings.example.com'
    network:
      name: 'The Things Stack'
      console-url: 'https://localhost/console'
      identity-server-url: 'https://localhost/oauth'

  # Web UI configuration for "thethings.example.com":
  oauth:
    ui:
      canonical-url: 'https://localhost/oauth'
      is:
        base-url: 'https://localhost/api/v3'

# HTTP server configuration
http:
  cookie:
    # generate 32 bytes (openssl rand -hex 32)
    block-key: '0011223344556677001122334455667700112233445566770011223344556677'
    # generate 64 bytes (openssl rand -hex 64)
    hash-key: '00112233445566770011223344556677001122334455667700112233445566770011223344556677001122334455667700112233445566770011223344556677'
  metrics:
    password: 'metrics'               # choose a password
  pprof:
    password: 'pprof'                 # choose a password

# If using (self) signed certificates:
# tls:
#   source: file
#   root-ca: /run/secrets/cert.pem
#   certificate: /run/secrets/cert.pem
#   key: /run/secrets/key.pem

# If using Let's encrypt for "thethings.example.com"
tls:
  source: 'acme'
  acme:
    dir: '~/df/acme'
    email: 'you@localhost'
    hosts: ['https://localhost']
    default-host: 'https://localhost'

# If Gateway Server enabled, defaults for "thethings.example.com":
gs:
  mqtt:
    public-address: 'https://localhost:1882'
    public-tls-address: 'https://localhost:8882'
  mqtt-v2:
    public-address: 'https://localhost:1881'
    public-tls-address: 'https://localhost:8881'

# If Gateway Configuration Server enabled, defaults for "thethings.example.com":
gcs:
  basic-station:
    default:
      lns-uri: 'wss://localhost:8887'
  the-things-gateway:
    default:
      mqtt-server: 'mqtts://localhost:8881'

# Web UI configuration for "thethings.example.com":
console:
  ui:
    canonical-url: 'https://localhost/console'
    is:
      base-url: 'https://localhost/api/v3'
    gs:
      base-url: 'https://localhost/api/v3'
    ns:
      base-url: 'https://localhost/api/v3'
    as:
      base-url: 'https://localhost/api/v3'
    js:
      base-url: 'https://localhost/api/v3'
    qrg:
      base-url: 'https://localhost/api/v3'
    edtc:
      base-url: 'https://localhost/api/v3'

  oauth:
    authorize-url: 'https://localhost/oauth/authorize'
    logout-url: 'https://localhost/oauth/logout'
    token-url: 'https://localhost/oauth/token'
    client-id: 'console'
    client-secret: 'xxx' 

What can I do ?