Roblox API requests with cookies in Python


I am currently developing a multi tool for clothing groups. I have most of it finished except the parts that require the RBXSessionTracker cookie (FunCaptcha token). Lets take this basic code I found in the dev forum, how would I include a second or third cookie? I rarely work with API‘s, so any help would be appreciated!

import requests

cookie = "roblox cookie."

session = requests.Session()
session.cookies[".ROBLOSECURITY"] = cookie

def rbx_request(method, url, **kwargs):
    request = session.request(method, url, **kwargs)
    method = method.lower()
    if (method == "post") or (method == "put") or (method == "patch") or (method == "delete"):
        if "X-CSRF-TOKEN" in request.headers:
            session.headers["X-CSRF-TOKEN"] = request.headers["X-CSRF-TOKEN"]
            if request.status_code == 403:  # Request failed, send it again
                request = session.request(method, url, **kwargs)
    return request

req = rbx_request("POST", "roblox api url")

I think just setting

session.cookies["YouDesiredCookie"] = "your desired value"

should be enough.

Yes, that works, but only with one cookie.

Are you sure you can’t have multiple? I think you can have as many as you want

session.cookies["Cookie1"] = "your desired value"
session.cookies["Cookie2"] = "your desired value"
session.cookies["Cookie3"] = "your desired value"

This would just create new useless cookies which won’t do anything. They want to store multiple roblox cookies in one session which is currently impossible from my knowledge.

1 Like

if you only can use 1 cookie then why you need to index the “session” object instead of using a function

Using the “session” automatically applies the cookie when creating new request using session.request().

I was asking how to use multiple, it‘s clearly possible if scambots etc. exist. I‘m just not sure how since I don’t work with API‘s on a regular basis.

You would probably need to store cookies in an array and then use forEach loop (or however it’s named) to parse through the array and send request with the cookie.

1 Like

That is correct, it is impossible to use more session cookies at once. That would be the equivalent of you being logged in as multiple users at once. This just doesn’t make sense.

It definitely is possible, the situation you‘re talking about would be using multiple .ROBLOSECURITY cookies at once, I‘d like to use the funcaptcha token tho.