Additional permissions are now required to register for an event via api. To get this to work, I had to add the permission, `Access CiviCRM`. I had done this after trial and error when I saw that the helper text for this permission states, "Access CiviCRM Backend and API". Previously, I was always fine with just having the API specific permissions allowed, as well as the Register for Events and View Event Info permissions.
The previous version of CiviCRM that I was running was 4.7.13, and this all worked fine without the `Access CiviCRM` permission.
I don't believe this permission should be required as we don't want backend access of CiviCRM exposed publicly.