ActionController::InvalidAuthenticityToken
skip_before_action :verify_authenticity_token
#add it inside the controller
or
. check authenticity token is being sent with AJAX calls if using form_for helper with remote: true option.If not you can include the line <%= hidden_field_tag :authenticity_token, form_authenticity_token %> withing the form block