Token can't access path .. im crazy with this

Hello guys… i have a very simple, common task, that has been impossible.

I have a key value v1 secrets engine on path /kv1/, there i create a EDL/data1 and EDL/data2 so i have


now… i want to create a token for a user that can read and write on that path… so i create the following policiy

path "/secret/kv1/EDL/*" {
  capabilities = ["create", "read", "update", "patch", "delete", "list"]
path "/kv1/EDL/*" {
  capabilities = ["create", "read", "update", "patch", "delete", "list"]

create a token with that policy

vault token create -policy=edl

and when i access the gui using that token and try to access /kv1/EDL i got…

Not Authorized

You don’t have access to kv1/ . If you think you’ve reached this page in error, please contact your administrator.

Go back home.

im almost crazy with this… how can i create a simple token so the user can access /kv1/EDL/* ???

The UI requires an additional policy path (list on the mount). This is needed to browse the secrets in the UI.

path "kv1/" {
  capabilities = ["list"]
path "kv1/EDL/*" {
  capabilities = ["create", "read", "update", "delete", "list", "patch"]