Automate RtbF Processing with Webhook and Open Cloud

Hi Creators,

We are excited to announce a reference design that helps you fully automate RtbF requests by leveraging the recently launched Webhook and Open Cloud Data Stores API!

Today, most experiences save user data, such as their level info and inventory, in the Data Stores service. When a user sends a Right-to-be-Forgotten (RtbF) request to Roblox, our customer support team will pull out all the experiences this user has played and notify the experience owners through messages and, recently, Webhook.

To comply with legal requirements such as GDPR, creators have to delete the corresponding user data in their Data Stores within 30 days. However, the process of mapping user info to the entries in Data Stores and removing them often requires lots of manual effort, thus taking away the valuable time you could spend on building your content.

We understand that being able to automate the RtbF handling process will greatly streamline your workflow. By combining Webhook notification and Open Cloud Data Stores API, now it becomes possible!

Here’s a high-level look at how the solution works:

1230×582 20.8 KB

To make the integration easier for you, we have built a reference design with source code that leverages Guilded and other third party bots to automatically handle the process.

Following this design, you will set up a private channel that receives RtbF webhook messages. Then you will build and add the bot to this channel, which will read all the messages as they come in and invoke a Python script (the bot) that calls the Open Cloud API to delete entries in Data Stores.

To customize this solution for your own experiences, all you need to do is to edit the Python configuration to map to your data schema.

We hope this reference design can free you to focus on building awesome content on Roblox while being fully GDPR compliant. In the long term, we’ll continue investigating a fully in-house solution to minimize the friction for the process.

We’d love to hear your feedback - please comment below! To get started, check out the detailed step-to-step tutorial.

Thank you,
The Roblox Creator Services Team

FAQ

Data Store already supports user ID tagging, why aren’t these data deleted automatically?
An overwhelming amount of data is not tagged, and any historical data introduced prior to the tagging feature is also not tagged. Deleting tagged data would only solve a minority of Data Store use cases today.

How come Roblox is not offering a fully in-house solution?
A fully in-house solution is still in the works. This guide showcases what creators can accomplish today using currently available tools, and does not take away from our long term commitment.

Does this solution abuse third party webhook policies?
We respect and follow all third party application’s terms of service. Contrary to webhooks generated in game using HttpService, Roblox webhooks closely follow rate limits set by third party apps, and is designed to not spam or overwhelm the webhook receiver.

This topic was automatically opened after 10 minutes.

First of all, I’m very happy to see this change; we had been eagerly awaiting for it, and with a quick change to our endpoint we managed to get setup before this topic even opened.

We do have a slight issue with the fact we can’t filter which requests come through. This means I could receive in my webhook requests relative to other games, owned either personally by me or groups other than the one the webhook is intended for; as we have no ability to point which game owner the webhook is related to.

It’s great to see that not only did you guys showcase what you can do with this feature but you also made the bots public for both Guilded and Discord.

Love this change, GDPR compliance has been a long-term annoyance for pretty much all of us!

Just a query, as I’m looking to make an OAuth application in the upcoming months, do we also receive RtbF notifications for those who have authorised access to their accounts through those applications?

really happy that this is finally an automated system, even if it does require some setting up. good solution to a complex problem, though!

Assuming your app will generate URLs for your users to push webhook notifications to, they can just put the URL on the webhook portal. Then your app can help them automate the process. Similar to the bot, your app needs to securely store the API keys from your users.

Thanks, I will route this feedback to our webhook team.

Sorry, probably bad wording in my original message but what I wanted to check was this:

Say a user grants access to their account via OAuth for a purpose such as verification, access to group data, linking their Roblox account to an external service. Would I receive the RtbF notification messages for that user requesting to be deleted automatically as it’s my service they’d be using. The original post only mentions experiences that a user would be joining.

Gotcha. I don’t think your app will get RtbF from us. The user has to send a separate RtbF to you should they want to delete the data stored in your app.

Is it possible for this to be changed in the future?

You could just have a button to have the user delete their data

It’s nice to have automation now… but setting it up takes 500 steps

Edit: I actually gave up on it lol. I’d rather do it manually than waste 30 minutes setting something up that requires 50 different things to work… which you gotta do for every single game [you could edit it in later, but it’s still a pain]…

Currently, it is not possible to customize the webhook configuration for RTBF requests on a per-universe or per-game basis. Nevertheless, if any form of customization is needed, it can be implemented either at the HTTP server logic or within the bot’s logic by incorporating filters based on the Game IDs.

The setup can be done within 15 minutes, and you would only need to set up once for all your games.

Always happy to hear what your ideal solution would be and bring it back to our team!

I’m glad we’ve had a system for handling GDPR data deletion requests, but this can’t be the long-term solution. I’ve developed my own tool for this, which works for me, but:

1. Required a significant amount of time to set up and verify it works with Roblox’s requests.
2. Requires me to host this somewhere, which costs money.
3. Requires this application to be exposed to the internet with a domain name. Either this costs money or requires integration with another service (Guilded in this example, which is an idea I never thought of).
4. If you host your own domain, requires an SSL certificate. Some hosting solutions require you to pay for their special service whatever.

Needless to say, this is a lot to do with what the article covers. It is at my own expense to receive requests from Roblox just to send them back to Roblox, all while dealing with the security concerns of hosting an application with API keys to the open internet. Most people won’t even touch this. This can’t be the long-term solution if everyone complying is the goal.

And to anyone wondering: no, I will not open up my hosting of Nexus Clearing. I’m nervous about the security of my own games. I don’t want to risk the security of yours as well.

Isn’t an internal system built into roblox that doesn’t rely on 3rd party apps & setting up bots possible?
If bots/webhooks can do it, why can’t roblox? (Even if we have to add a script or something? Example: Roblox sends request, script detects [surely this is possible somehow], and deletes data for that user?)

Relying on 3rd party apps isn’t a very good solution.

Edit: not to mention the load it puts on those 3rd party apps. Like discord, theres a limit to webhook uses in a short time… It’s rare that it could happen, but not impossible… Big games probably get a lot of requests… that could potentially break the system.

You definitely raise good points, we are aware of the drawback of this sample solution. As stated in the post above:

Ever thought of giving us a field in the dashboard for each experience where we can input code to be run whenever a RtbF request comes through rather than us having to develop and run external bots. It would more fit in to the Roblox ethos of everything being available at your fingertips and accessible to everyone.

Repeating what I said on the previous post about this, webhooks aren’t really an adequate solution to automate GDPR removals. I should be able to write lua code on the creator dashboard (or in some special service in studio) that Roblox can run whenever a GDPR request is received. That way this code can delete whatever is necessary for that specific game without the creator having to do anything manual after writing the code.

I shouldn’t have to do all these steps just to complete GDPR requests.