The token has an invalid header.
Confirm a valid token is being passed in the request.
To check whether the access token is structurally correct, you can use the tools available at jwt.io(link takes you to an external page).