The checkSession method superseded the renewAuth one as it provides the same functionality with less overhead to the client application.
However, the checkSession method does require that you explicitly set the Allowed Web Origins client settings property with the origins that will be performing the requests. In this particular case, if your client application is deployed in domain test.xxxx.no and as such is using a redirect URL of https://test.xxxx.no/xxxxx/ then you need to add https://test.xxxx.no as an allowed web origin in the Allowed Web Origins client setting.
Based on the error message the most likely explanation would be that there are either not configured allowed web origins or none are applicable to that redirect URL.