Showing prefix of token in error message?

Showing prefix of token in error message?

In our development context we have a lot of different tokens. If a developer gets "permission denied", it is often not immediately clear which token was used.

I would like to improve the error message and show a prefix of the token.

Imagine I have a token like this:

aragq29uFDgfDdgf44SdfgfSSgfdRsgdDG45

I would like to show:

permission denied (token starts with "aragq...")

Is this a security risk?