Did you log in first?
When you log in, the header of the response contains your token, which you need to provide in you future requests.
Then you set up a key-value in your request like this:
value: Bearer r7xtos45fjrwxr4sn4bfocrnja
where you insert your own token instead.
Hopes this works.