I’m aware of the Refresh Tokens approach, as is this considered by auth0 the official “solution”, but it comes with it’s own drawbacks.
Force-enabling the 3rd party cookies in Chrome is a band aid, specially that it will go away, but also that local testing with other browsers is useful.
Our current workaround is just to side step auth0 locally (i.e. with a “fake” Access Token), but this is obviously not ideal.