Recently I had a problem with token based authentication, when we switched in our cluster for two pods for our rails-based application we had a 401 response for each second request.
So the problem was fixed with defining a secret key in devise config, it was very simple fix, but I spent a lot of time for looking a solution :(, because I thought that the problem is caused by sessions or some session data.
Why the problem have appeared?
Secret key in devise is used for generating your application token string and second part of token – body. So when you have two instances of the same application without defining your secret key you will have different results on checking your token.
You may check this by trying this line in your application console with different secret key.