Found the fix on another API-related issue and now it works. Thanks to @BarryCarlyon! 
For other people with the same issue:
curl_setopt($curl, CURLOPT_HEADER, array(
'Authorization: Bearer '.TWITCH_ACCESS_TOKEN,
'Client-ID: '.TWITCH_CLIENT_ID
));
has to be:
curl_setopt($curl, CURLOPT_HEADER, false);
curl_setopt($curl, CURLOPT_HTTPHEADER, array(
'Authorization: Bearer '.TWITCH_ACCESS_TOKEN,
'Client-ID: '.TWITCH_CLIENT_ID
));