When attempting to implement a recently created Machine to Machine application, generating an access token then passing it to a node.js application that uses said application returned the following:
<html>
<head><title>400 Request Header Or Cookie Too Large</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>Request Header Or Cookie Too Large</center>
<hr><center>nginx</center>
</body>
</html>
On account of the access token generated being over 18K characters long.
I may have misunderstood the initial post, but after examining the token on jwt.io, it seems that the number of permissions applied to the m2m application (the one in my dev environment was set up by another developer for another purpose, then reused for another task much later) was the key issue. This has now been resolved.