I am actually getting the same error as well in my configuration and I suspect is due to this issue as discussed in this post:
API read scopes - 403 forbidden error - IdentityNow (IDN) / IDN Discussion and Questions - SailPoint Developer Community Forum
You can try to use personal access token (PAT) and see if it still hits the same error?