Hey @jdbahnick,
Refresh tokens should be working as you expect, unless there are other reasons for that 403
response. Take a look here and here for possible causes.
However, my question is, why are you implementing the refresh token flow manually for your Blazor server app instead of relying on the Auth0 ASP.NET Core Authentication SDK?