Don’t ever leak access tokens. Also, do NOT use first party OAuth tokens. That Client ID does not belong to you so you should not be using their tokens.
Go through the OAuth process as documented in the Authentication docs and create your own app, and get the tokens you need there.
You don’t need to send that header as v5 doesn’t exist any more, and Helix doesn’t even use that header or version numbering.