Well it isn't a proper fix but more of a bypass, however adding verify=False seems to have gotten me through. It seems the issue is with the verification of the certificate rather than the authorisation

 requests.get("https://website/api/list", verify=False, headers={"Authorization": f'Bearer {key}'})

But it does still leave me with an error in console.

raise SSLError(e, request=request)

requests.exceptions.SSLError: HTTPSConnectionPool(host='website', port=443): Max retries exceeded with url: /api/list(Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:992)')))

If someone knows/could explain how to make the verification work that would be appreciated especially as I cannot find my pem file