rails - “WARNING: Can't verify CSRF token authenticity” for json devise requests

Question

How can I retrieve the CSRF token to pass with a JSON request?

I know that for security reasons Rails is checking the CSRF token on all the request types (including

Answer 1

I ran into the same issue tonight. The reason that happens is because when you sign in the last csrf-token is no longer valid. What I did was: $("meta[name=csrf-token]").attr('content', '<%= form_authenticity_token %>'); in your app/views/devise/sessions/create.js.rb.

Now it does have a valid csrf-token :) I hope it helps