What is CSRF? How does it work on Ruby on Rails applications? | AppSec Expert discusses 

CSRF is typically not so much of an issue for api applications. Csrf happens because the browser submits cookies in the request sometimes without the user’s knowledge. In the case of apis Csrf can only happen when there’s a misconfigured frontend or if the api leverages cookies (which is not typical)

It’s not really different. The bigger thing to focus on here is how a Ruby on Rails app is rendered vulnerable to csrf and how it can be secured

@@AppSecEngineer got it 👌👍