Thanks @Mehmet_Talha_Seker! I took a closer look at the request you shared and your scopes are confirmed present on the installation, so this isn’t a missing-scope issue in the traditional sense.
The behavior you’re seeing is tied to how Shopify determines whether an app is eligible for Storefront API token creation. The storefrontAccessTokenCreate mutation requires Storefront API availability to be enabled at the app level, and Shopify only considers required scopes (the ones in the scopes field of your app config) when making that determination. If your unauthenticated scopes are declared as optional scopes rather than required, Shopify will treat the app as not having Storefront API access, and the mutation will return ACCESS_DENIED even though the scopes show up as granted on the installation.
Check your shopify.app.toml and make sure unauthenticated_write_checkouts (and any other unauthenticated scopes you need) are in the main scopes field, not just in optional_scopes. After updating, deploy a new version and reinstall on the store so the change takes effect. This was a similar issue to what was resolved here and here, where the fix came down to getting the right unauthenticated scopes into the required set plus using an offline token.
Let me know if the error persists after that change.