You can’t. Creating a token is only relevant as an authorisation for your api workflow endpoints.
You restrict information provided as a GET using privacy rules
I posed the same question Bubbles own api tokens, privacy rules query
Having reread that…I sound as if I know I’m talking about! I don’t it’s just a method of exclusion which I have exhausted over the past few days from work out for myself. This question in the forum I made was just asking for any insights from anyone else.