The Client-Id and Authorization fields are sent in the header of the request, they are not sent as querystring params.
How to do this will depend on what library you’re using to make HTTP requests so you should refer to the documentation for that library.