diff --git a/app/services/groups/base_service.rb b/app/services/groups/base_service.rb
index 8c8acce5ca5a3fe637c08f3ffc0fb4be4a2cbdaf..019cd047ae9a587725b0f22e9d6d51138947e41e 100644
--- a/app/services/groups/base_service.rb
+++ b/app/services/groups/base_service.rb
@@ -7,5 +7,11 @@ class BaseService < ::BaseService
     def initialize(group, user, params = {})
       @group, @current_user, @params = group, user, params.dup
     end
+
+    private
+
+    def remove_unallowed_params
+      # overridden in EE
+    end
   end
 end
diff --git a/app/services/groups/create_service.rb b/app/services/groups/create_service.rb
index 99ead467f7471c14409e51138c8f5c8494b0be8a..74aad3b1c945efb3556afd9968541af7ee62491e 100644
--- a/app/services/groups/create_service.rb
+++ b/app/services/groups/create_service.rb
@@ -8,6 +8,8 @@ def initialize(user, params = {})
     end
 
     def execute
+      remove_unallowed_params
+
       @group = Group.new(params)
 
       after_build_hook(@group, params)
diff --git a/app/services/groups/update_service.rb b/app/services/groups/update_service.rb
index 787445180f0dc0d91dcd373e00ef0d8e535318d6..73e1e00dc33ea2e2db72f359b8f780967bbfa874 100644
--- a/app/services/groups/update_service.rb
+++ b/app/services/groups/update_service.rb
@@ -6,6 +6,7 @@ class UpdateService < Groups::BaseService
 
     def execute
       reject_parent_id!
+      remove_unallowed_params
 
       return false unless valid_visibility_level_change?(group, params[:visibility_level])
 
diff --git a/lib/api/groups.rb b/lib/api/groups.rb
index 9fcf476f5379dcb75552169e47df4f548685abfe..ad16f26f5cc7e95ad6aa76c6ec1a69d14aefc241 100644
--- a/lib/api/groups.rb
+++ b/lib/api/groups.rb
@@ -26,6 +26,7 @@ class Groups < Grape::API
           optional :ldap_cn, type: String, desc: 'LDAP Common Name'
           optional :ldap_access, type: Integer, desc: 'A valid access level'
           optional :shared_runners_minutes_limit, type: Integer, desc: '(admin-only) Pipeline minutes quota for this group'
+          optional :extra_shared_runners_minutes_limit, type: Integer, desc: '(admin-only) Extra pipeline minutes quota for this group'
           all_or_none_of :ldap_cn, :ldap_access
         end
       end
diff --git a/lib/api/users.rb b/lib/api/users.rb
index 776329622e2424c77e30b7ded738bc0e84b8d4e0..2f23e33bd4af252873135aea740443ca75c6877f 100644
--- a/lib/api/users.rb
+++ b/lib/api/users.rb
@@ -54,6 +54,7 @@ def reorder_users(users)
 
           if Gitlab.ee?
             optional :shared_runners_minutes_limit, type: Integer, desc: 'Pipeline minutes quota for this user'
+            optional :extra_shared_runners_minutes_limit, type: Integer, desc: '(admin-only) Extra pipeline minutes quota for this user'
           end
         end