There is no “client-secret” header.
You need to use your clientID and clientSecret to generate an App Access token and send an Authorization header