PSA: Stop using Roblox proxies! (roproxy, rprxy.xyz, rprxy)

  • Getting all the gamepasses a player made.
  • Getting all the badges a player has.
  • How many people purchased a gamepass
  • How many people earned a specific badge (as @bluebxrrybot said)

There are a lot more needs I can’t just explain here!

2 Likes

I have to use a simple proxy I host on Google Apps to provide an Audio search function for players in our Poop Simulator game. This allows them to create their own custom audio/radio playlist in game.

It’s the only way to query the catalog for audio assets that I am aware of by effectively going off-platform and back in via the API.

It’s not an expected norm. It’s a recommendation, for your account’s security, and your users’ security.
Like the post says, lots of functions that these API proxies are being used for are usable in Roblox’s Luau environment, without any user-requested HTTP requests.

If you’re making a system that REQUIRES a proxy, you should not be using a public proxy. A private one is much more secure, as you can define your token and such on the proxy’s end, instead of the game’s end (this eliminates the possibility of someone logging into the holder account via the token, unless you expose it another way).
You can also only expose very specific functions, and if you know what you’re doing, you can do additional checks to see if the incoming proxy request is coming from one of your game’s servers.

If you don’t have the money to do PAID cloud hosting or self-hosting, don’t host your own at all. Completely free services (Heroku, Google Scripts / Apps) are not going to be reliable, compared to a paid service (Google Cloud Services, so on.)

Also, I’d totally recommend GCS (but self-hosting is the most reliable, depending on other factors). It’s confusing, but you can get $300 of free credit for three months without having to pay a cent.

6 Likes
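The private-proxy setup described in the post above (token kept on the proxy, only specific functions exposed, requests checked as coming from your own game servers), shown as an added example that is not part of the original thread. The route, upstream URL, header names and secrets are hypothetical placeholders, and it assumes the game server sends a timestamp and an HMAC of the request path in HttpService headers.

```python
import hashlib
import hmac
import re

# Constructed sample values; a real deployment loads both from the proxy
# host's secret storage, never from the game or the repository.
GAME_SHARED_SECRET = b"constructed-shared-secret"
UPSTREAM_TOKEN = "constructed-upstream-token"
MAX_SKEW_SECONDS = 60

# Allowlist: only these request shapes are ever forwarded. The proxy route
# and the upstream URL are hypothetical placeholders.
ROUTES = {
    re.compile(r"/badges/([0-9]{1,15})"):
        "https://upstream.example/v1/users/{0}/badges",
}


def sign(path, timestamp, secret=GAME_SHARED_SECRET):
    """HMAC the game server computes and sends alongside each request."""
    msg = f"{timestamp}:{path}".encode()
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()


def handle(path, headers, now):
    """Return (status, upstream_url, upstream_headers) for one GET request."""
    ts = headers.get("x-timestamp", "")
    sig = headers.get("x-signature", "")
    if not re.fullmatch(r"[0-9]{1,12}", ts):
        return 401, None, None      # missing or malformed timestamp
    if abs(now - int(ts)) > MAX_SKEW_SECONDS:
        return 401, None, None      # stale request, possible replay
    if not hmac.compare_digest(sign(path, ts).encode(), sig.encode()):
        return 401, None, None      # not signed by one of our game servers
    for pattern, template in ROUTES.items():
        match = pattern.fullmatch(path)
        if match:
            # The upstream credential is attached here, on the proxy only;
            # the header name is a placeholder for whatever upstream expects.
            upstream_headers = {"Authorization": "Bearer " + UPSTREAM_TOKEN}
            return 200, template.format(*match.groups()), upstream_headers
    return 404, None, None          # anything not allowlisted is refused
```

The signature check runs before route matching, so an unauthenticated caller cannot use the 401/404 difference to map which routes exist.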

Recently, Roblox has been planning to let us request roblox.com at certain endpoints, so a proxy is still necessary, but not in certain cases.

4 Likes

Not sure if you are still asking, but for my use case I am trying to use Roblox Open Cloud & HttpService to access a DataStore from experience A and transfer it over to experience B on a Players.PlayerAdded basis.

  • Player joins experience A
  • I query for any existing data in experience B (a privated game) using HttpService & Roblox Open Cloud API endpoints
  • I assign them that existing data to their data in experience A

Mock example:

... --// Player joins experience A

local HttpService = game:GetService("HttpService")

-- The universe ID is concatenated directly; no literal braces belong in the URL
local ExperienceB_EndPoint = "https://apis.Roblox.com/datastores/v1/universes/" .. ExperienceB_UniverseID
local Response = HttpService:GetAsync(ExperienceB_EndPoint)

warn(HttpService:JSONEncode(Response))

Is accessing Roblox APIs directly with Lua still going to be considered?

I’d imagine these would be accessed directly with HttpService, or with a special service to interact with any of the APIs that do not require a token to use. If they did use a token, it would have to be called from the client. I can understand if that may be unsafe.

I still have use cases for the Roblox API, and it would be great if we didn’t have to use any hacky methods like with using proxies. They’ll go down for good eventually, but a service won’t.

2 Likes

I don’t know if this question is still being considered, but in my case it goes like this:
I want to fetch how many sales a limited item has, so I can classify them based on the number of copies sold. But for some reason, MarketplaceService:GetProductInfo( ) or AvatarEditorService:GetItemDetails( ) only returns this info if the item is a LimitedUnique, although you can see this information in the catalog for both of the limited types.
Also, the sales data always returns 0 independent of the type of the item.
I think that a solution for this would be making these methods return more details about the item, or simply making specific endpoints available for general use, without the need to use proxies to send requests.
This would make things easier, while protecting developers that don’t know about these risks or don’t have the resources / knowledge to use it safely.