Your client Id header is still wrong tho.
@Ague is right. it has to be Client-ID.
The only reason it works here is bcs your access token is actually valid now. If you provide a valid access token the api infers the client id from the access token.
You maybe want to keep this in mind if you ever do requests without an access token