401 Unauthorized usually means the API key/secret is missing or invalid. Make sure the API client you're using is sending the auth credentials. If you're still having trouble with it, please provide the X-Request-ID value from the response headers of your call, and I'll use this to get more information from our logs.
I can try to find it if you provide a rough timestamp, the shop_id/URL you're making the call to, and the id of your app. The app id is the last set of numbers in the URL when viewing your app in the partner dashboard.
It turns out GET requests to the GraphQL endpoint result in a
401 - Unauthorized error as well. As a reminder all GraphQL requests should use the POST method.