renewAuth errors

I’m using the code from this PR: Add option to filter iframe events to prevent incorrect events triggering callbacks by aaronchilcott · Pull Request #432 · auth0/auth0.js · GitHub and am trying to renew a users idToken. Here is my relevant code:

const auth0 = require('auth0-js')

const auth0client = new auth0.WebAuth({
  domain: process.env.AUTH0_DOMAIN,
  clientID: process.env.AUTH0_CLIENT_ID

    audience: '',
    postMessageDataType: 'auth0:silent-authentication',
    redirectUri: window.location.origin + '/auth/silent-callback',
    scope: 'openid app_metadata user_metadata',
    usePostMessage: true
  }, (err, authResult) => {
    if (err) {
      console.log('Failed to renew log in.')
      return callback(err)

And here is the jade file that is used to render /auth/silent-callback:

doctype html
      var data = {
        type: 'auth0:silent-authentication',
        hash: window.location.hash
      // This page is designed to be loaded in an Iframe
      var result = parent.postMessage(data, "*");


However, I was first getting the error: “Algorithm HS256 is not supported. (Expected algs: [RS256])”. So I went and changed the algorithm to RS256, but then I got the error: “Nonce does not match.”

What am I doing wrong?

Looks like I had to include a nonce in the renewAuth method when using RS256.