I've recently been accessing the Google Analytics Core Reporting API using the client login (username & password) method rather than OAuth2.
All was working find with my integration and then out of the blue I started receiving this error message (formatted for easy reading):
[INFO] [talledLocalContainer] com.google.gdata.util.ServiceForbiddenException: Forbidden
<?xml version="1.0" encoding="UTF-8"?>
<internalReason>User does not have sufficient permissions for this profile.</internalReason>
Of course this looked like nonsense. My account is just fine, right?
Wrong. Turns out that I've been using a VPN to appear to be located in the USA. Google assumes that I should be authenticating from the UK and flags this up as suspicious activity on my account, which in turn breaks the integration.
The fix is to browse here: https://accounts.google.com/b/0/DisplayUnlockCaptcha or go and check for any suspicious activity on your account.
Alternatively, simply implement OAuth2 for the integration instead and presumably this won't happen again.