Are Auto Group Payouts Possible?

Help and Feedback Scripting Support
13

EDIT 2: if you’re a new person looking for a solution, in this github repository I published a better explanation and an example python code that pays out robux from a group

Hi, if your request to “https://groups.roblox.com/v1/groups/{GROUPID}/payouts” returns error 403 and a “Challenge is required to authorize the request” message, you have to complete a 2fa challenge first, and send it with your request again.

In a “rblx-challenge-metadata” response header from the request with 403 error, you get a base64 encoded json string, containing “challengeId” key (i will refer to it as {CHALLENGEID} from now on). You also get a header “rblx-challenge-id”, with a different id, that you should save for later

You then have to make a POST request to “https://twostepverification.roblox.com/v1/users/{USERID}/challenges/authenticator/verify”, with a body containing this json: “{“challengeId”:”{CHALLENGEID}“,“actionType”:“Generic”,“code”:”{YOURCODE2FA}“}”

In a response to that, you should hopefully recieve this json:
“{“verificationToken”:”{VERIFICATIONTOKEN}“}”

After all that, you can finally send your validated request to “https://groups.roblox.com/v1/groups/{GROUPID}/payouts”, containing the same body as always, but with a few new headers:

  • rblx-challenge-id - you should enter here the challenge id from the response header of your initial post request (rblx-challenge-id)

  • rblx-challenge-type - just put “twostepverification” here

  • rblx-challenge-metadata - put a base64 encoded json here:
    {“verificationToken”:“{VERIFICATIONTOKEN}”}“,“rememberDevice”:false,“challengeId”:”{CHALLENGEID}",“actionType”:“Generic”}

and thats it. you should now get a 200 OK message as a response, and your robux should be paid out. just remember that there are two separate challengeIds, and you shouldnt mix them up together.

EDIT:

before sending your final request with all confirmed challengeIds to groups.roblox.com, you need to send an additional request to https://apis.roblox.com/challenge/v1/continue, here’s my code in the JavaScript programming language:

let challengeMetadata = {"verificationToken":verifToken,"rememberDevice":false,"challengeId":actualChallengeId,"actionType":"Generic"}

        let headersList = {
            "Accept": "*/*",
            "Cookie": ".ROBLOSECURITY="+process.env.RBLXKEY,
            "X-CSRF-TOKEN": token,
            "Content-Type": "application/json"
           }
           
           let bodyContent = JSON.stringify({
             "challengeId": rblxChallengeId,
             "challengeType": "twostepverification",
             "challengeMetadata": JSON.stringify(challengeMetadata)
           });
           
           let response = await fetch("https://apis.roblox.com/challenge/v1/continue", { 
             method: "POST",
             body: bodyContent,
             headers: headersList
           });
4 Likes