Accessing Vault API with Self Client: INVALID_OAUTHTOKEN

Accessing Vault API with Self Client: INVALID_OAUTHTOKEN

Hi,
I'm struggling to access the Vault API using the Self Client app.

What I have done:
1. Created a Self Client app.
2. Generated the code using
   a. Scope: ZohoVault.secrets.ALL,ZohoVault.user.ALL
   b. Time duration: 10 minutes
   c. Scope description: Test
   d. Generate code and copy to clipboard.
3. In Postman
   a.  Set method to GET
   b. Add URL: https://vault.zoho.com/api/json/login?OPERATION_NAME=GET_LOGIN
   c. Add header parameter:
        (i) Key: Authorization
        (ii) Value: Zoho-oauthtoken {paste_code_generated_from_step_2d}
   d. Click Send.

Response:
  1. {
        "operation": {
            "result": {
                "error_code": "INVALID_OAUTHTOKEN",
                "message": "INVALID_OAUTHTOKEN",
                "status": "failed"
            },
            "name": "GET_LOGIN"
        }
    }

I've tried with Curl using the example given here and using PowerShell's Invoke-RestMethod, all resulting in the same error.

I cannot find the scopes ZohoVault.secrets.ALL and ZohoVault.user.ALL documented, so I've tried with just ZohoVault.user.READ.

What am I doing wrong?

Thank you in advance.