renewToken always results in login_required for non-social connections

Whenever I call renewToken, it always results in login_required error. I do not use any social connections, just plain email/password.

const authSettings = {
  domain: 'methyl.eu.auth0.com',
  clientID: 'iv2PuRrlF7UrEaDBDzCx8ARUmO23r9R5',
  redirectUri: 'http://localtest.me/callback',
  responseType: 'id_token',
  scope: 'openid email',
}

let auth = null
const getAuth = () => {
  if (auth) {
    return auth
  } else {
    auth = new auth0.WebAuth(authSettings)
    return auth
  }
}

export const renewAuth = onSuccess =>
  getAuth().renewAuth(
    {
      usePostMessage: true,
      redirectUri: 'http://localtest.me/silent-callback.html',
    },
    (err, authResult) => {
      console.log(err, authResult)
    }
  )
<!DOCTYPE html>
<html>

<head>
  <script type="text/javascript">
    console.log(window.location.hash)
    // parent.postMessage({ type: 'auth0', hash: window.location.hash }, "http://app.development:3001");
  </script>
</head>

<body></body>

</html>

Whenever I call renewAuth, it always logs #error=login_required&error_description=Login%20required from silent-callback.html.

3rd party cookies are causing the problem: Using renewAuth with 3rd party cookies disabled - Auth0 Community

So enabling cookies is the only way for a silent refresh? :confused: what’s the other option? Server side authentication?