DO NOT EVER POST YOUR CLIENT SECRET PUBLICALLY

Secondly

DO NOT POST GENERATED TOKENS PUBLICALLY

The generated token, that I removed from your Post, is not a valid token. (And was about to not be as I was about to revoke it for security reasons)

So the token couldn’t be used with the API.

You should also cycle your leaked client secret

You can use a tool like Twitch | Token Checker to test if a token is valid, or Authentication | Twitch Developers

It seems that you generate a token in the CLI but then that token was no longer valid when making the curl call specified