Follow a player using the Roblox API

scr1pt_alt · January 24, 2024, 8:56pm

Hello, I’m having issues following players on Roblox using the API. I really want to be able to do this as I find the API fascinating and want to be able to use it properly, but I can’t figure out how the follow API works. I am using Python.

The issue is that I get the same error everytime I run the code. I have tried different things, but nothing has worked so far. The error I keep getting is: {'errors': [{'code': 0, 'message': 'Challenge is required to authorize the request'}]}.
That is the output from when printing the requests.post response and doing print(message_response.json()).

This is my code so far:

import requests
cookie = "_|WARNING:-DO-NOT-SHARE-THIS.--Sharing-this-will-allow-someone-to-log-in-as-you-and-to-steal-your-ROBUX-and-items.|cookie"
cookies = {'.ROBLOSECURITY': cookie}

auth_response = requests.post("https://auth.roblox.com/v1/logout", cookies=cookies)

if auth_response.status_code == 403:
    if "x-csrf-token" in auth_response.headers:
        token = auth_response.headers["x-csrf-token"]

headers = {
    "cookie": f".ROBLOSECURITY={cookie}",
    "x-csrf-token": token
}

playerId = 156

message_response = requests.post("https://friends.roblox.com/v1/users/{userToFollow}/follow", headers=headers, cookies=cookies)
print(message_response.json())

Any help is appreciated, the main problem seems to be that “challenge is required to authorize the request”, but I don’t know what that means and I don’t know how to fix it.

TreeBen77 · January 24, 2024, 9:04pm

You need to prove you’re not a robot which generally isn’t possible.

scr1pt_alt · January 24, 2024, 9:23pm

I was really sure of that being the issue, but when I use Swagger UI, it worked perfectly and I never got the error I’m getting here. Generally I want to be able to call the API like done on that website, if possible.

TreeBen77 · January 24, 2024, 9:37pm

Because the swagger UI is able to pass the test whereas your script can not

scr1pt_alt · January 24, 2024, 9:42pm

Sometimes, though, there is no test or captcha to pass. When I run the API on Swagger UI, the response code is 200 and the response body is

{
  "success": true,
  "isCaptchaRequired": false
}

It states that it was successful and that a captcha wasn’t required. I don’t need to specifically know how my script can pass the test, I just wish to know how to properly post the request when a captcha isn’t required like it usually isn’t and when I run it on the website.

MrOnlyKemal · January 24, 2024, 10:13pm

Use the developer tools on chrome, go to network tab and follow someone. After that check all of the data that’s passed in the request

kwkxbxkdkdjjd · January 24, 2024, 10:48pm

I would have expected Swagger UI to pass the captcha but this confuses me. I would be surprised if they can somehow post a request that simply never requires captcha.
Are you sure this is really always the case for Swagger UI?

maaxyyyyyyy · January 25, 2024, 12:27am

you need to solve the captcha either manually or with a solver (against TOS)
captcha information is returned in the headers

sanjay2003 · January 25, 2024, 6:23am

People were abusing this in the past and Roblox reacted by locking it under a capatcha. Whenever something has a capatcha on it, it’s usually Roblox’s way of telling you not to do what you’re doing. There’s no ethical way around it.