Open Cloud - Publishing Your Places with API Keys is Now Live!

Hey developers,

After nearly a year of planning, implementation, and beta testing, we’re excited to announce that Open Cloud is now live! Open Cloud aims to provide a secure and flexible platform that allows you to access your Roblox resources e.g. your assets, places, player data, etc. through standardized web APIs. In the long term, we envision a prosperous application ecosystem that can be empowered by Open Cloud, where you can build your own tools and find all kinds of 3rd party apps that help maximize your productivity.

To start with, you can now create an API key on Creator Dashboard and write a script using the place publishing API to push your latest place files to Roblox Cloud. API key allows your script or application to authenticate into Roblox Cloud and do things on your behalf. Security is on top of our mind; when creating an API key, you can set granular permissions to the API keys by selecting experiences > resources > specific permissions like read or write. Additionally, you can add a list of IPs that are restricted to use the API key and set an explicit expiration date.

Warning: Please note that API keys are highly sensitive information and you should try your best to keep them in secure places.

The Place Publishing API allows you to automate the release workflow. For example, it can be hooked into a GitHub action and automatically pushes a rbxl file to Roblox Cloud after successful integration testing. We’ll keep adding more APIs in the near future.

To learn more, check out the Tutorial and the API references for details.

Update 10/8/21 We have heard lots of great ideas regarding what APIs you’d need. Please help us prioritize by filling out this survey. Your input will directly impact our roadmap!


Happy building,
The Roblox Developer Services Team

FAQ

How can I create API keys for group-owned experiences?

• We only allow group owners to create API keys for now. As a group owner, you can switch to your group on Creator Dashboard by clicking the profile icon on top of the left nav, and then go to the “Credentials” page.
  
  Note: An API key created for groups can only access the resources within the group. You need to create a separate key if you’d like your tool to access both your individual and group resources. We’re working on features that allow group members to create and manage API keys as fast follow work.

What will happen if my key expires?

• If you set an explicit expiration date, which is highly recommended, all API calls with the key after the date will return errors. You can edit the key to have a new expiration date.

Can I allow any IP to use an API key?

• Yes, you can use 0.0.0.0/0 to allow any IP. For security reasons, however, this is highly discouraged. In case your key got leaked, IP restrictions can prevent bad actors from using it on any devices. Please note your API key won’t be allowed by any IP by default unless you add a list or ranges.

This topic was automatically opened after 10 minutes.

Very exciting! Given the Place Management API is the only one currently offered, does it have any benefit over Upload.ashx besides API key-based authentication? I can’t seem to find any advantage or extra parameters that this new endpoint takes that Upload.ashx wasn’t compatible with or couldn’t do.

The update everyone has been waiting for!! Can’t wait for other use cases for the new API system!

Gonna love all the building with this update

Good update.

Finally I can use vscode and github without having to cry everytime I forget to publish it
also not sure if it’s just me but the website scaling died on me

image655×595 39.9 KB

I’m excited to see this expand to other API endpoints. I’d love to see full coverage of API endpoints typically used with libraries like Noblox.js for a more secure automation experience for legitimate purposes.

EDIT: when you hit the wrong reply button

EDIT2: This doesn’t appear to work with group games at the moment. Am I doing something wrong or is this an oversight?

I know a lot of users of a certain 3rd party application will be thrilled

Same here…when minimizing your screen the scaling becomes all funky!

image1546×555 41.6 KB

This is great! Thank you! One thing I’m very interested in is if there are sample Github actions that already exist, and if we’re using Github actions for this automatic process, how to whitelist the Github actions IP addresses in a reasonable way.

Ngl, can’t wait to test it this new feature and see how it becomes very useful to myself & the environment it’ll impact

Wow, we can now make a bot that keep publishing the same place so players think there’s an update.

It was already possible by trying to change a place’s description, but too hard.

hey jmk,

in terms of utility, there’s not too many differences between the two besides the ability to use API keys, and currently the new API endpoint has some limitations, e.g. lower file size limit. we’ll be actively working on adding more APIs in the near future with more capabilities, so stay tuned.

Will there be something like discord’s bot accounts in the future?

GitHub offers some details on this: About GitHub-hosted runners - GitHub Docs

currently you have to be the group owner in order to create keys for group games. we’ll be adding additional support in the near future!

This is absolutely amazing. We’ve been asking for something like this for a while and it’s very pleasing to see that you’ve put a lot of work and care into making it awesome!

Do you have any details to share at the moment for future APIs supported?

the idea is that with what we’re doing here, it’ll certainly open up those possibilities! we don’t plan on making discord bots ourselves but the community is more than welcome to as we upgrade this ecosystem together.

in the very near future we’re targeting additional place APIs and datastores, while at the same time working on a process so that other APIs can be easily added by other teams. we’ll be posting updates as we have them for sure

I really love this update.
Most of all that they made this stuff to create auth tokens like other webslites like twitter, spotify,
Really would wish see more apis here like for groups, catalog and more and instead of just accepted ips, maybe universe ids

image848×313 13.4 KB