Getting started with MySonicwall API and PowerShell

I've gone through the steps of setting up the MSW key. I'm able to successfully retrieve the list of cloud tenants but if I try performing a get against the applicable mssp product and services, I get a 401 unauthorized. I'm sending the same header information with both requests, but it doesn't work. I understand that I might be missing required fields, but shouldn't that generate an invalid query message rather than unauthorized?

$script:MswKey=<MSW Key>
$script:headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
$headers.Add("Content-Type","application/json")
$headers.Add("X-API-KEY",$script:MswKey)
$uri='https://api.mysonicwall.com/api/hgms/get-cloud-tenants'
$Response=Invoke-RestMethod -Headers $script:headers -Uri $uri -Method Get
$tenants=$response.content.arrTenants
$tenants

This first query works without issue. If I do the same thing again, except query a different URI, I get a 401 unauthorized.

$script:MswKey=<MSW Key>
$script:headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
$headers.Add("Content-Type","application/json")
$headers.Add("X-API-KEY",$script:MswKey)
$uri='https://api.mysonicwall.com/api/mssp/applicable-mssp-product-services'
$Response=Invoke-RestMethod -Headers $script:headers -Uri $uri -Method Get
$Response

So, what about this second command causes it to generate a 401 unauthorized error? What am I missing? From the documentation, this query supports TenantID, serviceid, serialnumber and Mode parameters, but no indication of what these actually are and if they are required or optional. I found one of our TenantIDs and included that in the query, but it made no difference. I still get 401 unauthorized.