The grantCallbackAccess request is sent to https://c2c-us.smartthings.com/oauth/token using the Authorization code from the OAuth Server.
You’re right, the lambda sample doesn’t include this sorry for the confusion. It is only mandatory if the third-party cloud will send updates to SmartThings when the device state changes from that side.
I think Glitch has a sleep timer for inactivity, this is why you could be experiencing the offline status.
The error can be related to the handler name, check this post where I listed the things you need to verify for the Lambda Schema Connectors: