You’re not sending an Authorization header with an OAuth token, as specified by the new requirements announced months ago that recently went live.
Also, unrelated to the issue, you’re sending the Accept: application/vnd.twitchtv.v5+json header, which is completely pointless as that’s only for Kraken, and doesn’t do anything on Helix.