Hello @alvin-ec welcome to the community!
This is unfortunately a known issue that is just due to modern browsers and cross-origin authentication - You can address this by adding a custom domain to address this limitation.
This can also happen if the audience and/or scope is different than in the original request.
The following FAQ on Custom Domains may also be helpful:
https://community.auth0.com/t/custom-domain-configuration-common-questions/82033