Having Trouble with Login API, Cannot Log Into Bot Account for Group Auto Role

Help and Feedback Scripting Support
, , ,
#1

Background Information I am attempting to make a Group Auto Role Bot in Lua in Roblox Studio. Basically, if you meet certain requirements in a game the Bot Account will login to Roblox if not already logged in, and give the user the role in a group. I am using this API to do this, by the way.

The Issue When I send the Post Http Request (I’m using Frost’s Fixing HttpService Method), my script prints the status information “403 Forbidden 2” (2 is the reason, which is “You must pass the robot test before logging in.”). I read a devforum post that said you need the Cookie to login, however I don’t know how to get a cookie that constantly refreshes and can only be retrieved if you’re already authenticated, nor do I have any idea how to implement that.

Failed Fixes I’ve tried:

-- changing the API Version to v1
-- reading devforum posts that had similar problems to mine
-- diagnosing and fixing the problem by reading the Status Code Reason

My Script I just started on this project, so please do not expect it to look anywhere near finished or what I explained above.

local ProxyService = require(script.Parent.ProxyService)
local Proxy = ProxyService:New('https://blocked4securityreasons.herokuapp.com', 'blocked4securityreasons')

local Username = 'BotUsernameHere'
local Password = 'BotAccountPasswordHere'

local Token = nil

local http = game:GetService('HttpService')
local encode = http.JSONEncode

function getPost()
	local Post = Proxy:Post('https://auth.roblox.com/v1/login', encode(http, {
		ctype = 'Username',
		cvalue = Username,
		password = Password,
	}), Enum.HttpContentType.ApplicationJson, false, {
		['X-CSRF-TOKEN'] = Token
	})
	return Post
end

function attemptLogin(retry)
	local Post = getPost()
	if Post.status.code == 200 then
		print('success')
	else
		if retry == false then
			Token = Post.headers['x-csrf-token']
			wait(3)
			attemptLogin(true)
		else
			-- This just prints the status information when the Login Post Request fails
			print(Post.status.code, Post.status.message, string.sub(Post.body, string.find(Post.body, 'code"') + 6, string.find(Post.body, 'code"') + 6))
		end
	end
end

attemptLogin(false)

I highly appreciate any help. Thanks.

#2

I too have come across this exact issue. How do you use this endpoint to log in without always resorting to .ROBLOSECURITY? This is the only endpoint which always throws me this error regardless of if my captcha token parameter should be correct.

#3

Maybe you should just use a .ROBLOSECURITY cookie? I mean, I have a website that uses the same cookie since three months and it still works (I think it broke but it worked something like, a month ago?)

Edit: Still works!

#4

No if your cookie was invalid and you don’t want to keep retrieving it for example. There must be a workaround or a direct way that isn’t very clear in the documentation. I’m certain that all my data is correct but Roblox throws this 403 robot exception anyway.

EDIT: I know this because I’ve tried 3 times in a row and yielded the same result. Now im just trying to find out how to fix this.

EDIT 2: For anyone still wondering, I did solve the problem and my code is now fully functional. It is however clear why Roblox does not want people to use this login API as its easily abusable. So stick to using cookies as its better practice and faster!

2 Likes