Some endpoints at api.inaturalist.org pass requests through to www.inaturalist.org, and for those an oauth token will work (though not an invalid one). It’s not something I recommend doing though. Better to get a fresh JWT and use it for all requests to api.inaturalist.org that require auth.
@joanma747, do you have your code posted somewhere in an unminimized form?