Found out what the issue was. It’s because of the cookies. Looks like Jenkins requires everything to be the same from username and password to cookies to the same exact things being passed in.
Jenkins was providing me invalid crumbs and when I supply the API with those crumbs, it would give me a 403 response. This is because at the time of request, there is the JSESSIONID cookie. However when I do the POST request to create the node agent, the JSESSIONID cookie is no longer available.
What I ended up doing was creating a temp file, storing the cookies in that file, providing that temp file to Jenkins, allowing Jenkins to use it, then deleting that temp file. After doing it in that workflow, I was able to create the node agent.
This Stack Overflow post nudged me in the right direction.