Problem with group API

I am having a problem with the groups endpoint (

I cannot access any group through the api that does not have the wall set to visible for the guest rank. Even if I am in the group and i can see the group wall, it still does not work (even for my own group)

This issue just started today. The message i get says that i do not have permission to access it.

1 Like

Are you sending a valid .ROBLOSECURITY cookie which belongs to an account with permissions to see the group wall in the request’s headers?

1 Like

I am using the link above so I don’t think so. It’s always worked before I just assumed that since it was signed in to my account and I’m sending the request from my account, I should be able to do it with any of my groups since I have access to the walls in all of them

If you are sending the request from and you are signed into an account which has access to the groups walls then yes it should work but if you are sending the request from somewhere else (e. g. A web app backend) you must send your account’s cookie in the request’s headers (it recommended not to use main accounts’ cookies and rather just create bot accounts).

1 Like

Yeah I’m sending the request through studio. It worked before and all of a sudden it stopped working.

Just because you are signed into studio it doesn’t mean you automatically get authenticated, you still have to send the security cookie.

1 Like

Okay, so it suddenly started working in the browser, but in studio it gives me a 403 error when trying to access the groups api. I am assuming, as you said, that I need to send the security cookie. This is going to sound like a stupid questions, but I have a bot in the group and I have the sequrity cookie, but how to I send that to the endpoint through studio?

The reason it works in the browser is because you are logged into your roblox account and since the groups api is hosted on a subdomain of it has access to your security cookie. In general you can send cookies in a request using the Cookie header. The cookie header requires a semicolon-separated string or cookies. The pattern for the cookie header is Cookie: "Cookie1Name=Cookie1Value;Cookie2Name=Cookie2Value" and so on.

In this case to send the security cookie it is Cookie: ".ROBLOSECURITY=your_bot_account_security_cookie"

1 Like

That makes sense, thanks.

This is my current code:

local HttpService = game:GetService("HttpService") 
local id = GROUP_ID

local URL = "" .. id .. "/wall/posts?SortOrder=Desc&Limit=100"

local Response = HttpService:GetAsync(URL)
local Data = HttpService:JSONDecode(Response).data

How can I add that Cookie header? Could you provide a code example? Thank you in advance.

Headers are the third parameter to GetAync() the second one is for caching and they should be sent as a dictionary.

1 Like

Thanks for the help @NinjaFurfante07

1 Like

For anyone curious as to what I did, here is the code that works:

local id = GROUD_ID
local headers = {
	Cookie = ".ROBLOSECURITY=[PUT COOKIE HERE (without the warning in front of it)]" 
local URL = "" .. id .. "/wall/posts?SortOrder=Desc&Limit=100"

local Response = HttpService:GetAsync(URL, false, headers)
local Data = HttpService:JSONDecode(Response).data

Replace with your proxy.

Thanks again for the help!

Just so you know the warning is part of the cookie so it doesn’t matter if you include it or not.

1 Like

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.