Introducing the Ban API and Alt Account Detection

No, they especially use cookies to detect it. If a cookie that belongs to another account has been used before on the same browser, they mark it using PlayerHydrationService.

I concur, its probably best to take out the 50-70% of people who don’t know what the hell a cookie is outside of a chocolate chip one than to fire blindly at offending IP’s and take out random non-offenders because IP’s are usually shared

however, we won’t know until someone reverse engineers it, which I hope is soon because I yearn to find out how in the hell this system works

I was wondering when I will see something of my interest… And finally, I saw it today. Thank you!

Let’s just hope exploiters don’t find a way to ruin the game by using this feature to their advantage too soon.

Been wishing for a API like this for years now! Glad it’s finally added, this was a long time coming.

For future updates, it would be super cool to see it expand where developers can make custom functions on what happens to the banned players instead of just not letting them join. For example, teleporting them to a completely different place or making it so they can only spectate.

i could imagine policyservice being used to determine if the user can see external links or not

but as for people under 13, theyre just going to have to cry (unless you have other means of doing so)

This is ABSOLUTELY amazing, just wondering if someone on my internet gets banned lets say my brother, would that ban my account if its a different email but same network?

It’s a very specific cookie that you have to clean, otherwise, it will automatically get marked as an alt. I don’t think it’s the BrowserID cookie though.

I tried logging into a different account on my browser and didn’t get banned so not sure if that’s how they’re doing it

is the opencloud api broken or not working?

i get this very, helpful and informative error when doing any request to PATCH /cloud/v2/universes/{universe}/user-restrictions/{user-restriction}

{ errors: [ { message: '', code: 0 } ] }

and trying to do GET /user-restrictions:listLogs, it returns

{
  code: 'INVALID_ARGUMENT',
  message: 'Failed to parse resource path and its identifiers - universes/4570608156/user-restrictions/user-restrictions:listLogs.'
}

        const url = `https://apis.roblox.com/cloud/v2/universes/4570608156/user-restrictions/user-restrictions:listLogs?maxPageSize=10?filter="user == 'user/355661302'"`

        try {
            const response = await axios.get(url, {
                headers: {
                    "Content-Type": "application/json",
                    "x-api-key": process.env.BAN_API_KEY
                }
            })

            console.log(response.data)

const user_id = parseInt(key.split("_")[1])
        const url = `https://apis.roblox.com/cloud/v2/universes/4570608156/user-restrictions/${user_id}/`
        const body = {
            gameJoinRestriction: {
                active: true,
                duration: true_duration,
                privateReason: "Internal ban reasons are managed by Irity",
                displayReason: reason,
                excludeAltAccounts: false,
            }
        }

        try {
            const response = await axios.patch(url, body, {
                headers: {
                    "Content-Type": "application/json",
                    "x-api-key": process.env.BAN_API_KEY
                }
            })

            if (response.status === 200) {
                return true
            } else {
                return false
            }
        } catch (error) {
            console.error(error.response.data)
            return false
        }

It’s still not too late to rename BanConfigType to BanConfiguration or BanConfig.

Does anyone know if the alt account detection would apply to a household with like 4 family members playing roblox, and one of them gets banned, but the other 3 are innocent, would the rest of the accounts get banned, or does the alt account detection know they are regular accounts?

Why does the ban fail if the ban reason is filtered? This neuters automated ban systems such as honeypot remotes to bait exploiters, voting systems, etc. because now you need to have a fallback ban reason such as an empty string. I would prefer users see a partial ban reason or a fully censored ban reason, rather than have all of my automated bans fail because the filter is having a bad day.

Further, why not store the unfiltered ban reason and display it filtered after that? This is putting a lot of faith in the text filter being reliable.

Can the OpenCloud API be used by group API keys or is it only available for User keys at the moment?

Adding onto this, is the filter the same as the in-game chat filter? If not, is there a way to “test” the filter with our ban messages (ie. GetChatForUserAsync)?

Otherwise a great feature, and I look forward to it being available on Creator Hub.

that’s just a bug, it happened to me like years ago too, it’s an authentication error or something, wasn’t it?

Hello! You can unban yourself by using the OpenCloud UpdateUserRestriction API and setting the game_join_restriction.active to false!

I’ve been waiting for this forever, thank you so much I’ve been dreading having to make a ban system again, and with this? I can stop worrying about that!

Furthermore, it’ll be nice knowing some alt-account detection is incorporated with it, too.

Hi! You can unban yourself by using the OpenCloud UpdateUserRestriction API and setting the game_join_restriction.active to false!

Obligatory “WOO! YEAAAH BABY!”