Do batch tokens support wildcards in policies?

Two separate things are going wrong here.

First, you have not actually applied the policy you intended to the batch token.

You have shown the exact commands you used - this is great for clearing up confusion! - but you haven’t shown the output produced. When I attempt to replicate your commands, I get different results. Had you actually granted the token you used to make the last request access to anything within secret/, you would get a different error message.

Second, even if you had applied that policy, it still would not have worked - the policy you have is appropriate for a KV v1, but it is now clear you are working with a KV v2. The KV v2 secret engine inserts an extra URL path segment between the mount point and the internal path to the secret. Please refer to a previous reply I wrote on this subject, here: Policies not working on more levels. OICD Auth - #2 by maxb

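To make the second point concrete, here is an added example (not from the reply above) of a KV v1 style policy next to the KV v2 form that accounts for the extra path segment. The mount point `secret/` and the application prefix `myapp/` are assumptions for illustration.

```hcl
# KV v1 style: the policy path mirrors the secret path directly.
# Against a KV v2 mount this grants nothing useful, because the
# API calls actually hit secret/data/... and secret/metadata/...
path "secret/myapp/*" {
  capabilities = ["read", "list"]
}

# KV v2 style: reads and writes go through the "data/" segment.
path "secret/data/myapp/*" {
  capabilities = ["create", "update", "read"]
}

# Listing and version metadata go through the "metadata/" segment;
# "list" must be granted here, not on data/, for `vault kv list` to work.
path "secret/metadata/myapp/*" {
  capabilities = ["list", "read"]
}

# Soft-delete and undelete of specific versions use their own segments.
path "secret/delete/myapp/*" {
  capabilities = ["update"]
}
path "secret/undelete/myapp/*" {
  capabilities = ["update"]
}

# "+" matches exactly one path segment, so this grants read on
# secret/data/<any-single-team>/config without opening the whole mount.
path "secret/data/+/config" {
  capabilities = ["read"]
}
```

Batch tokens evaluate policies exactly like service tokens, so the fix is the path layout, not the token type; `vault token capabilities <token> secret/data/myapp/foo` is a quick way to confirm what a token can actually do on the v2 path.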