Reset Password Flow

[kamenomagic]

It is pretty straight forward what the flow is: https://github.com/lynndylanhurley/devise_token_auth/blob/master/docs/faq.md#whats-the-reset-password-flow

The problem I'm having with this is this part:
this redirect_url is a page on the frontend which contains a password and password_confirmation field

the user submits the form on this frontend page, which sends a request to API: PUT /auth/password with the password and password_confirmation parameters. In addition headers need to be included from the url params (you get these from the url as query params).

Headers can't be added to a form_for from what I understand. I am relatively new to rails/ruby, so I'm not sure how to add headers to some request that a view can make. I've tried adding ajax instead but couldn't get it to work, as well as possibly going through my own custom action which just repackages the request with the correct headers (but that requires an unauthenticated request)

Any help or intuition is helpful.

[kamenomagic]

I got the request working with very hacky ajax. I am now getting an unauthorized even though the headers are there, but that is a different issue.