401 Unauthorized responses on sandbox

This is a PayPal support post I wrote:

I have set up the Express Checkout with checkout.js per https://developer.paypal.com/docs/integration/direct/express-checkout/integration-jsv4/add-paypal-button/ (and subsequent pages). I am testing with credit card transactions and consistently getting a 401 Unauthorized response.

For example:

POST https://www.sandbox.paypal.com/webapps/hermes/api/payment/PAY-1EE13341N03083707LI5NGIY/execute
401 Unauthorized {"ack":"permission_denied","message":"Permission Denied"}

I've seen REST API documentation saying that payment_method should be set to "paypal" though no corollary documentation/examples for this checkout.js method. Looking in the rest.js source on https://github.com/paypal/paypal-checkout, it appears payment_method defaults to "paypal" anyway.

I've tried rotating the random credit card numbers I'm using for testing to no avail. Yesterday, very intermittently, I would sometimes get a 401 Unauthorized followed by a retry that then worked. Most of the time I was getting 401 followed by 400. Today I haven't been able to get any successful card transactions, always getting 401.

The payment Javascript is really basic and yes, the sandbox clientID and production clientID are set correctly in the script:

var tx_total = 100;
var tx_description = 'Test transaction';

paypal.Button.render({

	env: 'sandbox',

	client: {
		sandbox:    '[redacted]',
		production: '[redacted]'
	},

	style: {
		label: 'buynow',
		branding: true,
		size: 'medium'
	},

	commit: true,

	payment: function(data, actions) {
		return actions.payment.create({
			payment: {
				intent: 'sale',
				transactions: [
					{
						amount: {
							total: tx_total,
							currency: 'USD'
						},
						description: tx_description
					}
				]
			}
		});
	}

	// onAuthorize code redacted

}, '#paypal-button');

This is under a client's PayPal account, not mine, by the way.