Does Rails 4.2 use secret_token?

I also posted this on
StackExchange:

Are both secret_key_base and secret_token needed for production in Rails
4.2? Setting neither causes the following exception message:

Missing secret_token and secret_key_base for ‘production’ environment,
set
these values in config/secrets.yml

The 4.2 upgrade guide (Updating to Rails 5.0 · RailsApps)
says
this:

When you create a new Rails application using the rails new command, a
unique secret key is generated and written to the
config/initializers/secret_token.rb file.

But no such file was created when I generated my app, and there is no
reference to secret_token in config/secrets.yml

I’m assuming that the error message is wrong, and that only
secret_key_base
is needed. When I run my app in production on my dev machine, it starts
with just secret_key_base, but in Engineyard, setting secret_key_base
(via
an environment variable) isn’t working. I still get the error.

Hi John,

This documentation explains how to create secrets.yml.

Just create secrets.yml in app/config and copy the value from
app/config/initializers/secret_token.rb.

GT