Is this normal? I’m getting too many “Can’t verify CSRF token authenticity” log for my api calls in production.log file. but it seems the api calls are working. and also as stated bellow, I’m providing both api_key and api_username.
The code path has rails checking CSRF token and then logging that message, then using the
handle_unverified_request method from app/controllers/application_controller.rb to check the API keys.
So the log message is expected and useless for API key requests.