Just to share. Spent some time trying to resolve 403 forbidden responses and just found this from Mark which resolved my issues:
“We have recently tightened up security around restricted IPs.
If you are getting 403’s you will have to either update your API account Restricted IPs to ensure you have the correct IP addresses or remove them altogether.
Please note that there is a caching period of 10 minutes.”
The key is ‘remove them altogether’. There is a problem with the IP address restriction implementation but if you don’t enter any IP addresses the API springs in to life. (Perhaps not a permanent solution but if you’re new this might help you)