Turning off authenticity token in Rails 2 for web services?

Question

Instead of just filling out the form in HTML it should also be possible to just send a post request containing the params.. Is it possible to turn off the authenticity token

Answer 1

Wouldn't it be easier to just add the authenticity token to every json request?

Yes, but then the client would have to send a request first just to get the token and then another with the actual POST request, which does not make sense IMHO..