Getting an unauthorized/scope error from requestJira method

I’m having trouble accessing certain API endpoints using the requestJira method, I’ve tried authenticating asApp and asUser and both produce the same 401 error: “unauthorized; scope does not match”. From what I can tell the scopes I’ve defined in manifest.yml should be sufficient:

    - manage:jira-configuration
    - read:jira-work
    - manage:jira-project
    - write:jira-work

The ‘project’ and ‘user’ endpoints both fail, but the ‘issuelinktype’ endpoint gives back data. Here is how I’m calling the API:

      const requestURL = route`/rest/api/3/${jiraEndpoint}`;
      const response = await api.asUser().requestJira(requestURL, {
        headers: {
          Accept: "application/json",

When I try the URL in the browser I can see the project data as expected, but for some reason even when authenticating asUser through the backend, it fails. My app sets up an express server that runs from the Forge backend area in src/index.js, and that’s where it calls the Jira API. I thought this added complexity might have something to do with it, but like I mentioned earlier certain endpoints are returning data.

Not sure what else to try, please let me know if you have any suggestions!