Apple Music Kit unable to get proper Music-User-Token generated

Question

Im creating a login with apple music feature on a PHP coded website, so far so good. Im able to login get the access_token from the user, im also able to get public track and playlist info using my encrypted developer token.

But I would also like to create a library playlist for that logged in user, the docs in apple suggest that to make personal changes I need to add a special header:

Music-User-Token: [music user token]

I assumed that the Music-User-Token is the access_token of the user, but that fails, I also tried the id_token from the logged in session, but it also fails.

My end CURL request looks something like this:

curl -v \
-H 'Content-Type: application/json' \
-H 'Music-User-Token: USER_MUSIC_TOKEN' \
-H 'Authorization: Bearer DEVELOPER_TOKEN' \
--request POST \
--data '{"attributes":{"name":"1622799194 playlist","description":""},"relationships":{"tracks":{"data":[{"id":"1560879523","type":"songs"}]}}}' \
"https://api.music.apple.com/v1/me/library/playlists"

The response I get is:

* upload completely sent off: 135 out of 135 bytes
< HTTP/1.1 403 Forbidden
< Content-Type: application/json;charset=utf-8
< Content-Length: 132
< Server: daiquiri/3.0.0
< x-apple-jingle-correlation-key: 7QETXMYLA5HYFGWO75NMIYAZ2E
< x-apple-request-uuid: fc093bb3-0b07-4f82-9ace-ff5ac46019d1
< b3: fc093bb30b074f829aceff5ac46019d1-3adb16d23e03d043
< x-b3-traceid: fc093bb30b074f829aceff5ac46019d1
< x-b3-spanid: 3adb16d23e03d043
< apple-seq: 0.0
< apple-tk: false
< apple-originating-system: MZStorePlatform
< X-Apple-Application-Site: ST11
< X-Apple-Application-Instance: 2513606
< x-responding-instance: MZStorePlatform:2513606:::
< apple-timing-app: 11 ms
< Cache-Control: private, no-cache, no-store, no-transform, must-revalidate, max-age=0
< Strict-Transport-Security: max-age=31536000; includeSubDomains
< is-jetty: true
< x-apple-lokamai-no-cache: true
< x-daiquiri-instance: daiquiri:48626004:st53p00it-qujn14050101:7987:21HOTFIX5
< Access-Control-Allow-Origin: *
< Strict-Transport-Security: max-age=31536000; includeSubDomains
< Date: Fri, 04 Jun 2021 09:55:15 GMT
< Connection: close
< 
* Closing connection 0
{"errors":[{"id":"7QETXMYLA5HYFGWO75NMIYAZ2E","title":"Forbidden","detail":"Invalid authentication","status":"403","code":"40300"}]}

How do I generate the proper for Apple Music Kit Music-User-Token manually?

Thank you!