I am getting a 406 Not Acceptable response when posting to the /admin/script-tags.json endpoint. I have a valid Shopify-Access-Token, it works for other requests.
Here is the request (access token removed):
curl https://(shopname).myshopify.com/admin/script-tags.json -X POST -H 'Content-Type: appliction/json' -H 'X-Shopify-Access-Token: (removed)' -H 'Content-Length: 75' --data '{"script_tag":{"event":"onload","src":"http://localhost:8888/js/embed.js"}}';; -v
It doesn't seem to make any difference if I point to a non-localhost domain or if it has https or not.
EDIT: I forgot to mention that I do have the scope access for: 'read_script_tags, write_script_tags'