I am using Identity server 4 in my Asp.net core API Application , i am getting successful token on local server https://localhost:[port]/connect/token and it gives access token and when i use the bearer token to access authorize method then it working fine
but on server https://example.com/connect/token it also give successful token but when i use this token to access authorize method then it give 401 unauthorized error

  "Authority": "https://example.com",
  "Audience": "https://example.com/resources",
  "RequireHttpsMetadata": "true"


 services.AddIdentityServer(options =>
        {
            options.Events.RaiseErrorEvents = true;
            options.Events.RaiseInformationEvents = true;
            options.Events.RaiseFailureEvents = true;
            options.Events.RaiseSuccessEvents = true;
        })
            .AddDeveloperSigningCredential()
            .AddInMemoryPersistedGrants()
            .AddInMemoryIdentityResources(GetIdentityResources())
            .AddInMemoryApiResources(GetApiResources())
            .AddInMemoryClients(GetClients())
            .AddAspNetIdentity<User>();

        services.AddAuthentication(options =>
        {
            options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
            options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
        })
        .AddJwtBearer(options =>
          {
              options.Authority = configuration["AppSettings:Authority"];
              options.Audience = configuration["AppSettings:Audience"];
              options.RequireHttpsMetadata = Convert.ToBoolean(configuration["AppSettings:RequireHttpsMetadata"]);
          });
        services.AddTransient<IProfileService, IdentityClaimsProfileService>();



    public static IEnumerable<IdentityResource> GetIdentityResources()
    {
        return new List<IdentityResource>
        {
            new IdentityResources.OpenId(),
            new IdentityResources.Email(),
            new IdentityResources.Profile(),
        };
    }
    public static IEnumerable<ApiResource> GetApiResources()
    {
        return new List<ApiResource>
        {
            new ApiResource("api1", "My API")
        };
    }
    public static IEnumerable<Client> GetClients()
    {
        // client credentials client
        return new List<Client>
        {

            // resource owner password grant client
            new Client
            {
                ClientId = "ro.angular",
                AllowedGrantTypes = GrantTypes.ResourceOwnerPassword,

                ClientSecrets =
                {
                    new Secret("secret".Sha256())
                },
                AllowedScopes = {
                    IdentityServerConstants.StandardScopes.OpenId,
                    IdentityServerConstants.StandardScopes.Profile,
                    IdentityServerConstants.StandardScopes.Email,
                    IdentityServerConstants.StandardScopes.Address,
                    "api1"
                },
                AllowOfflineAccess = true,
                RefreshTokenUsage = TokenUsage.ReUse,
                RefreshTokenExpiration = TokenExpiration.Sliding

            }
        };
    }

This might be because of scope variable.

You have to follow these steps to check scope

1. Copy your token
2. Paste this on Jwt.io
3. After decoding your token find the scope and then generate the token with right scope.