The error clearly says its 401 Unauthroized and Invalid Token. Can you show what all request body, request header data you are sending while making this call?
Once you have your PAT(personal access token) as per this documentation, then pass that in the authorization header as mxtoken <your personal access token>