Your URL is HTTP and not secure HTTP. Also, you need to always use FQDN when addressing the API or else things fail.
So calls over Http won't work?
Of course not. You would never send auth payloads to an API endpoint unsecured.
Alright. Thank you