Rails app disable request forgery protection in test environment by default. So csrf token dose not appear in app using <%= csrf_meta_tags %> or form_for


# Disable request forgery protection in test environment.
config.action_controller.allow_forgery_protection = false

If you want to test or use csrf token you had better use mock to protect_against_forgery in specs.

allow_any_instance_of(ActionController::Base).to receive(:protect_against_forgery?).and_return(true)