class Devise::FailureApp
def http_auth?
is the same as your public API and uses a format like JSON (so you
handling the errors on their own. This is useful in case your AJAX API
on AJAX requests in case they want to redirect on failures instead of
This method allows the user to explicitly disable HTTP authentication
including 401 and optional headers.
Choose whether we should respond in an HTTP authentication fashion,
def http_auth? if request.xhr? Devise.http_authenticatable_on_xhr else !(request_format && is_navigational_format?) end end