Typically, a 401 response indicates that the information the server needs to authenticate your API request is either missing from the request or present but somehow invalid. I'd suggest that you:
1) Verify that the Authorization header is present in the request that fails.
2) If present, then verify that the contents of the Authorization header in the request that fails is identical to the contents of the Authorization header in the request that succeeds.
If you're sending the exact same Authorization header in both requests, then I wouldn't expect the server to return a 401 response for one operation but not the other. (If it were a permissions issue -- i.e., the user has rights to perform operation-A but not operation-B, then I'd expect the server to return a 403 Forbidden response for operation-B -- not a 401 Unauthorized response.)
Update (some additional thoughts)
It looks like both operations require one of these two access scopes:
- Sites.Read.All
- Sites.ReadWrite.All
You should verify that the token you're specifying in the Authorization
header of the failing request has at least one of these scopes (although as I said earlier, I'd expect the server to return 403 if you didn't have the proper access scope).
Also, if you obtained the access token via OAuth without a user providing authorization, then perhaps the information in this answer might be helpful: How to use OAuth when there is no user delegation? -- Microsoft Graph API. In the scenario that post describes, the server was returning a 401 response because the developer hadn't explicitly obtained administrator consent for the operation they were attempting to perform.