Good callout! I was scanning the forum for topics related to Custom Auth in Workflows after the limitation came up during Office Hours. I apologize for the confusion.
We could try setting up the resource again to discard any entry errors on the Client ID/Secret. I ran into a different issue trying to reproduce yours, potentially related to the endpoint I'm making the request to. I'll reach out internally to see if there is something I'm missing because your current settings should work, specially after seeing how it succeeds when using blocks.
The issue I ran into is this one:
Using Custom API Authentication is the current workaround.