[Update] July 26, 2024
Hi Creators,
We are thrilled to announce that User Inventory API and Group Read API are now available to everyone as public beta, allowing you to more efficiently manage your community through item ownership validation, group roles listing, and many more!
To ensure consistent creator experience and future expansion, we have decided to use a new, more comprehensive API standard for all Open Cloud APIs. As a result, we updated the API version number to v2 to reflect new standards being used. Along with this, there are a few improvements and principles we are introducing:
-
Resource Oriented Design: The data you access will be defined as different types of resources, which can contain hierarchies and have operations (e.g. read and write) towards them.
-
Access Public & Private Data: Roblox platform shares certain information publicly, meaning there is no authentication required to get it. For example, user inventory is public by default but a user can choose to set it as private. Open Cloud APIs respect user privacy settings when responding to requests:
-
If the data is public, you can access it with an API key (with or without permissions) or any valid OAuth2 access token.
-
If the data is private, you can use an API key to access your own data, or get explicit user consent through OAuth2 to access their data.
- With the inventory API, you can access the user’s private inventory once they grant you the permission through OAuth2.
-
-
Standard Documentation: We updated the Open Cloud reference documentation to follow standard conventions and design, giving you a consistent documentation experience across all Open Cloud v2 resources.
User Inventory API
Many community apps have a critical need to access a user’s inventory and have been using the legacy inventory API as a workaround. However, the API is not intended for public consumption and won’t allow you to access private inventories or validate ownership for multiple items. The new Inventory API in Open Cloud is designed to empower third-party use cases from the beginning.
Here’s a video that shows how the API works:
Following resource oriented design, the API introduces “user inventory item” as a new resource, which you can “list” all or a subset of a user’s inventory using filtering. The API supports all item types in a user’s inventory, including Assets, Badges, Passes, and Private Servers.
Here are a few use cases that could be enabled with the API:
-
Show relevant inventory items in your app: the Inventory API will return the ItemID (depends on inventory type, it could be assetId, badgeId, etc.) that you can use to fetch details of each item using APIs like catalog)
-
Validate a user owns certain items: you can call the Inventory API by providing a list of item types and IDs, and determine ownership based on whether the return contains the items
-
View public inventory: you can use an API key (no permission) to list any user’s inventory that’s public.
Rate limits
-
100 requests/min per API key
-
20 requests/min per OAuth2 token
Check out this tutorial or use the Postman Collection (4.2 KB) to learn more about how to use this API.
Groups Read API
Groups have been an important way for you to engage users. Large groups can reach millions of members, making it challenging for tasks such as accepting new join requests, moderation, and ranking members.
Some creators have been using the legacy Groups API to automate certain workflows. However, the API is not designed to be used by third-party tools (requires you to share cookies) and has heavy rate limiting to prevent abuse. By integrating with API keys and OAuth2.0, the Open Cloud Groups API allows you to securely and smoothly manage your Groups related workflows! As the first step, we are exposing the ability to read Group information.
Here’s a video that shows how the API works:
The Groups API can operate on the following hierarchy of resources for a Group:
The resource contains the following info:
-
Group: basic group info such as name, description, member count, creation time, etc.
-
Group shout: current shout content and the poster
-
Group role: the roles defined in the group, including name, description, rank, member count, etc.
-
Group membership: the membership info for a specific user, including userId and role
With the Groups read API, you can do the following:
-
Display a Group’s info, including shout, in your app
-
Check the roles available in a Group and list the members in that role
-
List the groups that one or more users are in with “list groups/-/memberships?filter=”users in …“
-
Validate whether a user is in a particular Group or having a particular role in that Group
Since all the exposed Group information is public, you can use either an API key or a valid OAuth token to get the data. The rate limits depending on the endpoint:
- Get Group & Get Group Shout
-
150/min per API key
-
30/min per OAuth2 token
-
- List Group Memberships & List Group Roles
-
300/min per API key
-
90/min per OAuth2 token
-
Please note group API keys (i.e. keys created under a group) are currently not supported for both of the APIs.
To learn more about the Groups API, check out the API reference or use the
Group API Postman Collection (6.0 KB). The ability to update Groups resources will be supported in the future. Stay tuned!
We’re super pumped about the opportunities that can be unlocked with the APIs! Let us know if you have any questions or feedback. All future Open Cloud APIs will be released in the OAuth2.0 beta group first. If you’d like to get early access to the beta version APIs, please apply to the program using this form.
We are looking forward to seeing the cool features you’ll build! Check out our new doc site to get started.
Cheers,
The Roblox Open Cloud Team