Introducing Account Session Protection introduced a very well intentioned feature of additional ROBLOSECURITY protections. This is very much desired by high profile developers like myself.
However, a not insignificant amount of APIs that I need every day are not available through Open Cloud. This includes uploading models, for instance.
This is also ignoring tools such as Tarmac that don’t currently support Open Cloud, but could, though on an indeterminate timeline.
Most developers do not need these tools, however, so “disable this while we work on them” is not a bad middle-ground. At the end of the day, more developers are secure.
However, what is completely unacceptable is that opting out is irreversible. As a developer who uses external tools, you get to make a decision that will permanently affect the security of your account–do you keep on using your existing workflows which have zero equivalent alternative, or do you give them up and hope Roblox does them someday?
I chose to disable the account session protection, but it really wasn’t a choice at all given the reliance large projects have on these tools. So now if those ever get Open Cloud or native equivalents, I am still boned.
The reasoning for this restriction were not explained in the post, on the help page, or on the account session protection page itself. From my point of view, it is completely arbitrary and there is absolutely no way that this is the best solution we can do for the problem it is intended to solve.