The problem was resolved by adding the following to the .htaccess file on the server for authorisations. This is a very common fix for hosting setups where Apache does not automatically pass Authorization headers to PHP or apps like WordPress, Laravel, etc.
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1