Restrict Cubbyhole secret

How can we restrict a cubbyhole secret to be only viewed and no other operations performed on it.
For example- I create a new token and using this token I create a cubbyhole secret then how can I restrict that this secret is view only by anyone with whom I am going to share the token or is it not possible?

This doesn’t really make sense - Vault tokens are effectively session cookies - you should never share them, as they allow other people to interact with Vault as if they were you, with all your privileges.

I want to share secrets using cubbyhole so that is why I am creating new token to create a secret for a particular user.

This is not what cubbyhole is intended for. It is not supported.