Actually, theres an easier way. Just have the code be based on the current time. This is how things like OATH work. There is a secret key that both your Roblox and Discord sides share. The code is then generated based on that key and the current time. Thus, the two sides come up with a matching key that changes every so often. See here for the full explanation.
Someone without the secret key cannot generate a code, even though they know the current time. The upcoming codes also can’t be guessed. This won’t make it so every player needs a unique key, though, so don’t use it to give out one-time rewards.
So essentially player generates a code from discord that lasts like 5 minutes in the database. Roblox inputs that code and checks if the code still exists
Regardless of which direction, each side has a code that changes say every 5 minutes. Both sides are following the same sequence of codes, so as long as you got a code from one side recently, you can enter it on the other.
You could save your time from generating code and expecting players to join game and write in the code, by actually using Roblox’s OAuth 2.0
You can read more about it in this post
How ever you will require your own web server and a datastore to link the discord account tot he Roblox account.
Yes that exactly what I did for mine, the user would run /verify and the bot would reply with a button to the OAuth page. Roblox allows you to get certain information when verifying such as the User ID so they wont actually need to join a game to confirm.
What scopes would i need on the OAuth setup in order to say store a value in a datastore when the user clicks verify. or can you check from in game whether they’re verified or not.
openid and profile scopes, they are both identity scopes which will return information about the user,
if you select profile scope you will need to select openid scope as stated here
im just asking whether i need it or not for the actual verification, but in the url example you provided me rn. id assume that the redirect link is a must have. what exactly do i put for that?
the redirect URI must be the redirect link you set in the the scope yourself earlier, since its for the actual verification system i recommend using the entry link, I’m guessing it would be your link > ROBLOX OAuth > your redirect link
Neither do i see it on the image (i havent published this yet)
I need to make sure i can set it up properly before publishing. but i cant get the redirect for the entry link
Ye so I think the entry link is meant to take you to the long URL I sent earlier. I do not know if the player is automatically redirected to the app or you will have to do it yourself.
redirect url is needed because the Roblox OAuth will send info to the redirect URL, at the redirect URl is where you will link the discord user to roblox user and then change the database to confirm verification
so essentially i need to get the link to my discord bot and put that for the redirect? Sorry, theres really not much information about how it works so its hard to understand…
redirect url should be a page you own, you can listen from GET requests in this page and retrieve the info you got from the Roblox OAuth when they redirect the user to your page
