There haven’t been any API changes to make this start failing. @3ventic has the right idea. Check your OAuth token scopes. Client-ID wouldn’t matter in this case because you’re providing an OAuth token. Tokens don’t expire. Your URL looks fine to me.