My head is spinning.
The goal today was to get started working with the API of some vendor tooling. Basic authentication worked fine, but in their docs, they recommended using token auth.
It took forever to get anywhere. I gambled and decided to reach out to the vendor, even though it is a Saturday.
They were gracious enough to respond. He said he thought it was just a bad copy of one of the keys, since he put his token in and it worked as expected.
I tried with his provided creds, and it worked.
I should have reached out for help much SOONER.