Hi, I’m trying to make a button that will follow to the player that you want (by typing their ID in the text box). Here’s the API: https://friends.roblox.com//docs . You must to be authenticated to follow to the player using this API, so I need a help with it lol (I haven’t even wrote any script that can make post requests, so it may be new thing for me). Thanks!
1 Like
wont be really possible since you need to complete a captcha in order to follow someone
1 Like
Not always lol, I used this API a few minutes ago and it followed player successfully without the captcha
okay but it still can prompt you the captcha, and also you need to send your cookies in the post request which is against tos
Where it says that it against the ToS? Roblox allows you to make API requests.
you want to send a post request that requires someone to input their cookies with a roblox script
What are you talking about? I’m trying to make a script, that will follow user THAT YOU WANT from MY ACCOUNT.
You’ll need to make and host your own proxy, which is a lot of work
It is against the ToS to ask a client for their Roblox authentication cookie, which you need if you want to make that client follow somebody through the API. This is for Roblox games tho, for things such as browser extensions you can fetch their cookie directly and probably isn’t against the ToS(unless you use the API in a malicious way, for example for spamming people, which may result in Roblox taking action against the authenticated account).
You can still use a bot account on the server-side tho, although you need to ensure the authentication cookie is protected from the client, because you’re held responsible for the bot actions(that’s why it’s not recommended to use public proxies for this).
that counts as botting which is also against tos lol
1 Like
What the fuск are y’all talking about? I’m trying to make a bot that follows player from MY ACCOUNT, so I need to use MY COOKIES, + if you’ll do it, it’s not against the ToS, because the account is real and it has a lot of items on it, so it’s not counting.
Sorry, but I had to bypass the moderation system.
In that case as long you’re able to protect the account from unauthorized access and don’t accidently spam the hell out of the API you should be fine. Although captcha may become an issue because if players are able to trigger the follow event and its frequent it will be the same as you mass following people, and captchas are there to stop/reduce that phenomenon.
But what if I’ll add a 1 hour delay via the DataStoreService?
If the API is angry it will tell you about it. You should create a list of the most important errors(for example unauthorized, invalid csrf, rate limited, captcha, etc) and handle them individually instead of relying on constant delays.