Welcome to the Auth0 Community!
Thank you for posting your question, It’s possible that the access token that Auth0 returns is an opaque token that allows for calls only for the /userinfo endpoint. Please check and make sure that your auth0 SDK is adding the audience parameter with the proper API identifier in the request to get the valid access token, not the opaque one.
Thanks
Dawid