Cloud 2 access token permissions

Started working with Influx Cloud 2 and have created a read/write token for my project, but it doesn’t appear to work the way I might expect - just testing with curl:

curl --request POST --header 'Authorization: Token <myreadwritetoken>' --url "https://us-west-2-1.aws.cloud2.influxdata.com/api/v2/query?org=<myorg>" -d '{"org":"<myorg>","query":"from(bucket: \"testbucket\") |> range(start: -1h) |> filter(fn: (r) => r._measurement == \"testmeasurement\") |> filter(fn: (r) => r._field == \"My Field\")"}'

result:
{"code":"unauthorized","message":"insufficient permissions to read specified organization and bucket"}

If I create an “All Access” token (the only other kind available) and use that, it works fine and I get data back. What am I doing wrong here? I don’t want to have to use an all access token in my production code.

An update. I created a new read/write token which works fine. The only thing I can think of is that when I created the original token, I did not have any buckets to assign it to and selected “All Buckets”. Maybe there is an issue creating a token when there are no buckets? In any case, it is working fine with the a new token.

Hello @roba,
Thanks for your question! You’ll need to specify an org and a bucket.