Are you using an application with RW+DM permissions as well as an access token negotiated with those permissions? By default, apps and applications are typically only allowed standard read/write operations, but working with reading direct messages requires that permission type.
