Argh I have fallen foul of credential caching!
I had been extending an app to provide this new functionality and testing with a user I had previously logged in as. I was using app engine to persist credentials in the app engine credential store. On method authorization the old cached credentials we being used rather than the freshly authenticated ones.
Flushing the app engine memcache and deleting the credentials from the credential store resolved the issue.