Request forbidden due to insufficient authorization scopes.

We upgraded from an old integration to the v3 a couple months ago, and everything was working correctly. I was able to construct a request that gave me an access token and a refresh token, which we then used whenever the auth token expired, and all that worked fine.

Over the weekend, the API started returning an Unauthorized response when we called with a Refresh Token to get a new Auth Token, although nothing had changed in our code or the account settings. I then went in and went through the process to get a Code and from there get a new Refresh Token and Auth Token just to see if that helped. After doing that, a connection to add a contact now returns "Request forbidden due to insufficient authorization scopes." I have tried going to /account/user/privileges via the API and it seems to show all privileges are in place.

Has anyone seen this or have any insight?