There is currently no support to have IoT Hub generate a security token. You will have to generate it locally, using the access key found in IoT Hub. This is done to avoid sending keys over the internet, as a security precaution. You can read more about it here.
When you do calculate that key, the correct endpoint to send device messages would be
POST https://fully-qualified-iothubname.azure-devices.net/devices/{id}/messages/events?api-version=2020-03-13