diff --git a/internal/auth/token.go b/internal/auth/token.go
index 212d2c3..f42e421 100644
--- a/internal/auth/token.go
+++ b/internal/auth/token.go
@@ -105,6 +105,7 @@ func CheckToken(tokenString string) (token models.Token, err error) {
 		return models.Token{}, ErrDeletedUser
 	}
 
+	acceptedPermissions := make([]string, 0, 8)
 	for _, permission := range permissions {
 		found := false
 
@@ -115,12 +116,12 @@ func CheckToken(tokenString string) (token models.Token, err error) {
 			}
 		}
 
-		if !found {
-			return models.Token{}, ErrWrongPermissions
+		if found {
+			acceptedPermissions = append(acceptedPermissions, permission)
 		}
 	}
 
-	return models.Token{UserID: user.ID, Permissions: permissions}, nil
+	return models.Token{UserID: user.ID, Permissions: acceptedPermissions}, nil
 }
 
 func parseClaims(jwtClaims jwt.Claims) (userid string, permissions []string, err error) {