It looks like you are requesting a management API token (specified by the audience param), not a token for whatever API is related to the read and write scopes you are expecting.
Is there a reason you need the management API audience?
1 Like