So this question has two parts, but can likely be solved by being able to detect the subdomain within ApplicationController.
The solution I was planning to use is something along the lines of:
if request.subdomain == 'api'
protect_from_forgery with: :null_session
else
protect_from_forgery with: :exception
end
But request is not being resolved... I am getting this:
undefined local variable or method `request' for ApplicationController:Class
