Every time I try to use this I get an unauthorized message back:
curl -H 'Client-ID: <client id that works for other stuff>' -X GET 'https://api.twitch.tv/
helix/webhooks/subscriptions'
{"error":"Unauthorized","status":401,"message":"Must provide valid app token."}
Getting a app access token does work, so the example in the documentation could do with updating to use Authorized: Bearer <token> rather than Client-ID.