I wanted to bring some attention to the recent removal of the following trade API endpoints:
/v1/trades/send
/v1/trades/{tradeId}/accept
/v1/trades/{tradeId}/counter
These were previously available and used in a variety of ways to enhance the trading experience on Roblox from inventory tools to value tracking and trade notifications.
Instead of removing them entirely, they could be reintroduced with safeguards like:
Trade rate limiting
IP-based throttling
2-step verification before actions are allowed
There are a lot of people who used these endpoints responsibly, and their removal has made it difficult for a portion of the trading community to maintain tools or workflows that depended on them.
I hope this feedback can reach the appropriate Product or Engineering teams for consideration.
The endpoints were not removed, only their public-facing documentation was. Some bad actors would trick other users into going into the API documentation, and unknowingly send or accept trade request by trying out the endpoint.
Also, I don’t know if they still allow http requests on exploit executors but I know there used to be a script that would use those API’s to scam people aswell. But I don’t know if these newer exploits detect it and don’t allow it or what.
They still “exist” but nobody can use them anymore since the public documentation is not there anymore. And like i said above, if roblox was to add manual 2 factor authentication after executing any actions on the website, that would remove all possible scams.