Can I rank members in a group via an API

rlp81 · January 14, 2025, 7:05pm

Hello! I’m trying to figure out how I can rank users in a Roblox group/community by using the API. It has come to my attention that the V1 and V2 API endpoints no longer work.

Is there a way to manage users in a Roblox group/community via an API Key without using .ROBLOXSECURITY?

frrazers · January 14, 2025, 7:07pm

rlp81 · January 14, 2025, 7:08pm

I assume membership_id is the roblox UserId?

12345koip · January 14, 2025, 7:46pm

MembershipId is not the Roblox UserId of the player. A group membership is established when a user joins the group and represents their connection to the group. v2 endpoints do in fact work, provided the API key is made by the user, not a group, with sufficient permissions.

I made a JavaScript snippet in #help-and-feedback:cloud-apps (I had a shocker, it took 62 replies lol) which has been tested and works for this. (it doesn’t include try-catch for the requests but it’s a template). The only reason I posted it here in JavaScript is because it was just kind of laying around from another topic, I can provide Luau snippets if you want.

the code

const groupId = /*group id here*/;
const targetRole = /*the name of the role the user should be changed to*/;
const targetUserId = /*the Roblox UserId of the target user*/;
const apiKey = /*your API key with group:read and group:write permissions*/

async function getGroupRoleId(targetRole) {
    //send the GET request
    let response = await fetch(`https://apis.roblox.com/cloud/v2/groups/${groupId}/roles?maxPageSize=50`, {
        method: "GET",
        headers: {
            "x-api-key": apiKey
        }
    });

    let data = await response.json()

    if (response.status !== 200) {
        console.log(data.message);
    }

    for (let role of data.groupRoles) {
        if (role.displayName === targetRole) {
            return Number(role.id);
        }
    }
};

async function getUserMembershipId(targetUserId) {
    let response = await fetch(`https://apis.roblox.com/cloud/v2/groups/${groupId}/memberships?maxPageSize=50`, {
        method: "GET",
        headers: {
            "x-api-key": apiKey
        }
    });

    console.log(response.status!==200?String(response.Status) + response.statusText:"Request ok. Code 200.");
    let data = await response.json();

    if (response.status !== 200) {
        console.log(data.message);
    };

    let pageToken = data.nextPageToken || 1;
    let currentPage = data.groupMemberships;

    while (pageToken) {
        for (let membership of currentPage) {
            if (!membership.user || !membership.path) {continue;};

            //check to see if it's the UserId of the user we want
            let splitted = membership.user.split("/");
            let userId = splitted[splitted.length - 1];

            if (userId == targetUserId) {
                //the UserIds match! Now, return the membership ID
                let splitted = membership.path.split("/");
                let membershipId = splitted[splitted.length - 1];
                return membershipId;
            }
        }

        if (pageToken === 1) {
            pageToken = 0;
            continue;
        };

        //membership not found on this page, let's advance to the next one
        let newResponse = await fetch(`https://apis.roblox.com/cloud/v2/groups/${groupId}/memberships?maxPageSize=50&pageToken=${pageToken}`, {
            method: "GET",
            headers: {
                "x-api-key": apiKey
            }
        });

        if (!newResponse.ok) { //if it failed for whatever reason
            warn("Failed to retrieve subsequent pages. Error code:", newResponse.status);
            break;
        };

        let newData = await newResponse.json();
        pageToken = newData.nextPageToken || 1;
        currentPage = newData.groupMemberships;
    }
};

async function updateUserRole(targetRoleId, targetMembershipId) {
    let response = await fetch(`https://apis.roblox.com/cloud/v2/groups/${groupId}/memberships/${targetMembershipId}`, {
        method: "PATCH",
        headers: {
            "Content-Type": "application/json",
            "x-api-key": apiKey
        },
        body: JSON.stringify({
            "role": `groups/${groupId}/roles/${targetRoleId}`
        })
    });

    let data = await response.json();

    if (response.status !== 200) {
        console.log(data.message);
    } else {
        console.log("Request ok. Code 200.")
    };
};

async function updateRoleProcess(userId, roleName) {
    let roleId = await getGroupRoleId(roleName);
    let membershipId = await getUserMembershipId(userId);
    await updateUserRole(roleId, membershipId);
};

updateRoleProcess(targetUserId, targetRole).catch(error => console.log(error));

Note if your group has 50+ roles this code will need tweaking

Although the docs preview does say a user id can be used in place, it doesn’t work when you do. You will need the membership ID.

rlp81 · January 14, 2025, 7:49pm

I’ve been doing some testing and I received this error:

{ "code": "UNAUTHENTICATED", "message": "Unsupported authorization method. Only OAuth tokens and User API keys are supported at this time." }

Does this mean I can’t use a Group API Key?

12345koip · January 14, 2025, 7:51pm

No, Group API keys, for some reason, don’t work. You’ll have to have a user, with sufficient permissions to manage members below them, create an API key and use that instead.

rlp81 · January 14, 2025, 7:53pm

Thank you! The curl command works!

system · January 28, 2025, 7:53pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.