Follow a player using the Roblox API

Hello, I’m having issues following players on Roblox using the API. I really want to be able to do this as I find the API fascinating and want to be able to use it properly, but I can’t figure out how the follow API works. I am using Python.

The issue is that I get the same error everytime I run the code. I have tried different things, but nothing has worked so far. The error I keep getting is: {'errors': [{'code': 0, 'message': 'Challenge is required to authorize the request'}]}.
That is the output from when printing the response and doing print(message_response.json()).

This is my code so far:

import requests
cookie = "_|WARNING:-DO-NOT-SHARE-THIS.--Sharing-this-will-allow-someone-to-log-in-as-you-and-to-steal-your-ROBUX-and-items.|cookie"
cookies = {'.ROBLOSECURITY': cookie}

auth_response ="", cookies=cookies)

if auth_response.status_code == 403:
    if "x-csrf-token" in auth_response.headers:
        token = auth_response.headers["x-csrf-token"]

headers = {
    "cookie": f".ROBLOSECURITY={cookie}",
    "x-csrf-token": token

playerId = 156

message_response ="{userToFollow}/follow", headers=headers, cookies=cookies)

Any help is appreciated, the main problem seems to be that “challenge is required to authorize the request”, but I don’t know what that means and I don’t know how to fix it.

1 Like

You need to prove you’re not a robot which generally isn’t possible.

I was really sure of that being the issue, but when I use Swagger UI, it worked perfectly and I never got the error I’m getting here. Generally I want to be able to call the API like done on that website, if possible.

Because the swagger UI is able to pass the test whereas your script can not

Sometimes, though, there is no test or captcha to pass. When I run the API on Swagger UI, the response code is 200 and the response body is

  "success": true,
  "isCaptchaRequired": false

It states that it was successful and that a captcha wasn’t required. I don’t need to specifically know how my script can pass the test, I just wish to know how to properly post the request when a captcha isn’t required like it usually isn’t and when I run it on the website.

Use the developer tools on chrome, go to network tab and follow someone. After that check all of the data that’s passed in the request

I would have expected Swagger UI to pass the captcha but this confuses me. I would be surprised if they can somehow post a request that simply never requires captcha.
Are you sure this is really always the case for Swagger UI?

you need to solve the captcha either manually or with a solver (against TOS)
captcha information is returned in the headers

People were abusing this in the past and Roblox reacted by locking it under a capatcha. Whenever something has a capatcha on it, it’s usually Roblox’s way of telling you not to do what you’re doing. There’s no ethical way around it.