Hi Priyanshu Pathak,
Thanks for reaching out to Microsoft!
As per document, 403 Forbidden error occurs when the access is denied to the requested resource. The user might not have enough permission or might not have a required license.
Decode the Token by using jwt.io, scp (scope) or roles: Should include the permissions your app needs, like ExternalItem.ReadWrite.All.
For creating externalItem ,id,properties,acl are the required.
Make sure to pass the valid id, value, type.
Hope this helps.
If the answer is helpful, please click Accept Answer and kindly upvote. If you have any further questions about this answer, please click Comment.