Unpermitted Parameters - Rails 4

I'm using Devise (3.2.4), Rails 4 and I'm trying to signup.

I have a Registration Controller where i do have:

def sign_up_params
:last_name,:mobile, :birthday, :current_password,

and everytime i try to sign up I get the following message:

Processing by Devise::RegistrationsController#create as HTML
  Parameters: {"utf8"=>"✓",
"user"=>{"first_name"=>"Joao", "last_name"=>"Miguel", "birthday"=>"",
"mobile"=>"0987654", "email"=>"joao.miguel@gmail.com",
"password"=>"[FILTERED]", "password_confirmation"=>"[FILTERED]"},
"commit"=>"Sign up"}
Unpermitted parameters: first_name, last_name, birthday, mobile

and my users table is updated but first_name, last_name, birthday,
mobile are null.

Does anyone has any idea how can I solve this issue?
thanks in advance

Hey there,

Have a look at this example
It should solve your problem.

After update my Registration Controller, restart server, I still get the
same error.

You need to override the devise strong params implementation inside your ApplicationController.

We could use a simple before_filter to check if devise controller is been use.

class ApplicationController < ActionController::Base

  before_filter :configure_permitted_parameters, if: :devise_controller?


  def configure_permitted_parameters

    devise_parameter_sanitazer.for(:sign_up){|u| u.permit(:first_name, :last_name, :birthday, :mobile, :password, :password_confirmation}




Hope that helps.

Hi Rita,

Please, check the following steps:

  1. If you created a custom RegistrationController, you have to set devise routes to use it. Something like this:


devise_for :users, controllers: { registrations: “registrations” }

2.sign_up_params is a private method in devise source code. So make sure that your method definition is inside a private section of you custom controller as well.


def sign_up_params



I’ve written a blog post describing how my team extended devise’s RegistrationController here. Hope it helps.



It worked.
Thank you so much for your help :slight_smile:


Acutly rails 4 support strong parameter , we need mention those attributes outside model such as nested attributes , needs declare in controller to_pramas private method

And more rails 4 strong parameter please check following link


I think help u…