Looks like your access token might be opaque (you can check your token at https://jwt.io/). Usually an opaque token means that the token was not requested for a particular audience. Does the request have an audience value in the payload? (It would need to be the API identifier as the value if that is what you are trying to call.)