Should be fairly easy to fix: The documentation states that the /userinfo endpoint accepts only 1 header, specifically access_token. When a request is built using the tool on [the documentation website] in cURL, and executed, a 401 Unauthorized code is returned. The correct header that works for this endpoint is Authorization: Bearer <token>.
So the request goes from
curl -L -g 'https://{yourDomain}/userinfo' \
-H 'Accept: application/json' \
-H 'access_token: <Token>'
(generated by the tool on the documentation)
to
curl -L -g 'https://{yourDomain}/userinfo' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <Token>'