Fatal error: Uncaught SoapFault exception:  Access denied.
Further investigation led me to this forum post - web services are separate users and you must first set them up through the admin screens - and make sure also to allocate roles to them.
The slight pitfall at this point is that you create a username and an API key - these then become the apiUser and apiKey variables mentioned in the documentation. The key is basically a password, its starred out in the settings and you have to enter it twice. Now I know that, I can log in to my service! Hope this helps someone else get to the point faster than I did.