Hydrogen, Headless, and Storefront APIs

I am able to authorize using offline access with scope of unauthenticated_read_product_listings.

When trying to call [mystorename].myshopify.com/admin/oauth/access_token 

I receive 403 Forbidden.

I have setup all the permissions needed and get a code back from the authorize api call.  I am not sure what I am missing.