Is it possible to call an external API from within a game?

KletusVanDamme · April 29, 2021, 2:25am

Hi,
Is it possible to do a GET request from within my game, to get information from an external API?
If so, can someone point me towards a tutorial/example/help page on how to get started?

I’m creating a game to teach kids how to spell, and I’d like to hit a Websters dictionary API to determine if they have created a legitimate word.

Thanks!

Lord Zorblat

And here’s my game if you are interested…
https://www.roblox.com/games/6358192824/Learn-to-Read-with-Liz-and-Kat-beta

HugeCoolboy2007 · April 29, 2021, 2:26am

I believe this is what you’re looking for: HttpService | Roblox Creator Documentation

KletusVanDamme · April 29, 2021, 2:34am

Sweet. That totally worked. Thanks!

kexy123 · April 29, 2021, 2:43am

I’d suggest not enabling Allow Http Requests. Making this enabled will make your game vulnerable to exploits. Apparently making your game hacked. Disable ““Allow Http Requests.”” To make your game not hacked.

How do they hack your game?

What hackers can do is that they can send pieces of scripts and code to the game servers and rapidly exploit a game using the code or crash the game. Although sending a game message to another game is kind of dangerous to use. Clients can also send a code message to the game and run the code.

What kind of code can they use?

Anything! They could send UI to hack the game or crash the game, they can send stuff that is not even appropriate to Roblox, or something really bad. They can even send code to ban the player if they know how.

colbert2677 · April 29, 2021, 2:52am

Sounds like you’re confusing this for LoadStringEnabled which even in that case simply enabling it doesn’t inherently make your game vulnerable to exploits. This warning is given under the assumption that you have poor code structure enough that an exploiter can give an instruction via a remote to execute arbitrary code.

HttpService doesn’t make your game vulnerable to exploits and no such warning exists for it either, it just determines if your game is allowed to make calls to external web servers or not. It’s a necessity if you need external API calls in your game. I would assume the case you might be thinking about is a GET request to a script file which again refer to the above - don’t architecture your code poorly and there won’t be any problem.

MichaelEpicA · April 29, 2021, 3:11am

… Thats more a serverside dude.