.NET WebAPI refuses to serve responses from fetch requests (nginx setup)

Question

I'm hosting this on a Windows machine. I have a frontend and backend served through nginx with the following configuration:

server {
        listen       80;
        server_name  my.website www.my.website;
        
        location /api/ {
            proxy_pass http://localhost:5000;
            proxy_http_version 1.1;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-NginX-Proxy true;
            proxy_ssl_session_reuse on;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection upgrade;
            proxy_set_header Host $http_host;
            proxy_cache_bypass $http_upgrade;
        }

        location / {
            proxy_pass http://localhost:3000;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection upgrade;
            proxy_set_header Host $host;
            proxy_cache_bypass $http_upgrade;
        }

        # Redirect HTTP to HTTPS
        return 301 https://$host$request_uri;
    }

    server {
        listen 443 ssl;
        server_name  my.website www.my.website;

        ssl_certificate .../ssl-crt.pem;
        ssl_certificate_key .../ssl-key.pem;
        ssl_trusted_certificate .../ssl-chain.pem;
        
        ssl_protocols TLSv1.2 TLSv1.3;
        ssl_ciphers 'TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384';
        ssl_prefer_server_ciphers off;
        
        ssl_session_timeout 1d;
        ssl_session_cache shared:SSL:50m;
        
        location /api/ {
            proxy_pass https://localhost:5001;
            proxy_http_version 1.1;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-NginX-Proxy true;
            proxy_ssl_session_reuse on;
            proxy_set_header Host $http_host;
            proxy_cache_bypass $http_upgrade;
            #proxy_redirect off;
        }

        location / {
            proxy_pass https://localhost:3000;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection $http_connection;
            proxy_set_header Host $host;
            proxy_cache_bypass $http_upgrade;
        }
    }

After attempting to access an endpoint I receive a 404. The server is accessible if I use the https://localhost:5001 address directly. In the nginx logs I see:

access.log
123.456.789.01 - - [24/Nov/2023:19:23:01 -0500] "POST /api/account/Account/signup HTTP/1.1" 404 0 "https://my.website/account/Signup" "Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Mobile Safari/537.36" "-"

Sometimes there's an indication of a refused connection request as well in the error.log.

error.log
2023/11/24 19:19:30 [error] 4028#4132: *137 connect() failed (10061: No connection could be made because the target machine actively refused it) while connecting to upstream, client: 123.456.789.01, server: my.website, request: "GET / HTTP/1.1", upstream: "https://[::1]:3000/", host: "my.website"

Does this configuration look correct? Is there something in a WebAPI that would prevent this from working? I have CORS added and working (in test, but prod is the same) and I removed Authorization in an attempt to get this to work. Any help as to what else may cause this, or issues that reside in my nginx config would be greatly appreciated.