After nearly a year of planning, implementation, and beta testing, we’re excited to announce that Open Cloud is now live! Open Cloud aims to provide a secure and flexible platform that allows you to access your Roblox resources e.g. your assets, places, player data, etc. through standardized web APIs. In the long term, we envision a prosperous application ecosystem that can be empowered by Open Cloud, where you can build your own tools and find all kinds of 3rd party apps that help maximize your productivity.
To start with, you can now create an API key on Creator Dashboard and write a script using the place publishing API to push your latest place files to Roblox Cloud. API key allows your script or application to authenticate into Roblox Cloud and do things on your behalf. Security is on top of our mind; when creating an API key, you can set granular permissions to the API keys by selecting experiences > resources > specific permissions like read or write. Additionally, you can add a list of IPs that are restricted to use the API key and set an explicit expiration date.
Warning: Please note that API keys are highly sensitive information and you should try your best to keep them in secure places.
The Place Publishing API allows you to automate the release workflow. For example, it can be hooked into a GitHub action and automatically pushes a rbxl file to Roblox Cloud after successful integration testing. We’ll keep adding more APIs in the near future.
We can’t wait to see how you can leverage these APIs!
Update 10/8/21 We have heard lots of great ideas regarding what APIs you’d need. Please help us prioritize by filling out this survey. Your input will directly impact our roadmap!
The Roblox Developer Services Team
- We only allow group owners to create API keys for now. As a group owner, you can switch to your group on Creator Dashboard by clicking the profile icon on top of the left nav, and then go to the “Credentials” page.
Note: An API key created for groups can only access the resources within the group. You need to create a separate key if you’d like your tool to access both your individual and group resources. We’re working on features that allow group members to create and manage API keys as fast follow work.
- If you set an explicit expiration date, which is highly recommended, all API calls with the key after the date will return errors. You can edit the key to have a new expiration date.
- Yes, you can use 0.0.0.0/0 to allow any IP. For security reasons, however, this is highly discouraged. In case your key got leaked, IP restrictions can prevent bad actors from using it on any devices. Please note your API key won’t be allowed by any IP by default unless you add a list or ranges.