Rails automatically includes the use of tokens for POST, DELETE, PATCH, but does not use the token for GET requests. It is a good idea to set this up for GET requests also.
Since Rails is already doing some of the work, I'm not categorizing this as 1.0 necessary.
Bonus, new word I learned that looks like a typo of a fake word: idempotent.
Rails automatically includes the use of tokens for POST, DELETE, PATCH, but does not use the token for GET requests. It is a good idea to set this up for GET requests also.
Since Rails is already doing some of the work, I'm not categorizing this as 1.0 necessary.
Bonus, new word I learned that looks like a typo of a fake word: idempotent.