Thanks!
Should anyone google upon this looking to answer the same question; setting FS_METHOD to ‘direct’ allowed direct uploads of files from authenticated users. To quote the linked doco:
“this is fraught with opening up security issues on poorly configured hosts”
…so buyer beware!
