Sorry to get back to you late. Were you able to get your solution working? If you see your token included those roles, it means your app should have permission to make a request. From the error message you posted, it seems like you got the connection issues. are you behind of firewall? if you are, adding the following code to use your default credential for your firewall.

System.Net.WebRequest.DefaultWebProxy.Credentials=System.Net.CredentialCache.DefaultCredentials