API request with HEAD method for artifact download requires full `api` permission token (instead of `read_api`)

I want to download an artifact from a gitlab instance (in a script).

I am using the job artifact API endpoint: /projects/:id/jobs/artifacts/:ref_name/download?job=name

In order to check, whether an artifact for the given ref_name exists, I initiate a HEAD request. If this is successful, then I run a GET request in order to retrieve the artifact archive.

This works fine, as long as I use a personal access token with full api privileges.

Instead I would like to use a token with only read_api permissions. But this fails for the HEAD request (403 Forbidden).

In my understanding, HEAD requests are read-only, thus I would expect, that the read_api permission is sufficient for such a request.