Open Cloud Groups API + Users API [Beta]

Hi everyone!

We are thrilled to announce the public beta release of two new APIs:

• Groups Join Management API lets you automate join request processing
• Users API allows you to efficiently manage your users and community

Groups Join Management API

Some creators have been using the legacy Groups API to automate certain workflows. However, the API is not designed to be used by third-party tools (requires you to share cookies). By integrating with API keys and OAuth 2.0, the Open Cloud Groups API allows you to securely and smoothly manage your Groups related workflows. You can now periodically list the pending join requests, define your own logic to evaluate them, and then automatically accept or reject a request.

This release includes three new methods aimed at enabling join management workflows:

• Listing group join requests
• Accepting a group join request
• Declining a group join request

Resource

These API methods are based on a new resource: the GroupJoinRequest. A join request is an object that represents a user’s request to join a particular group. Here is an example of the data model:

{

"path": "groups/7/join-requests/21557",

"createTime": "2023-10-17T17:23:45.490Z",

"user": "users/21557"

}

The join request ID, a unique identifier for each join request, is simply the user ID of the join request. For example, if the ID of the GroupJoinRequest is 21557, that means the user with ID 21557 sent the request (and so “user” will be users/21557). The join request path can be used to accept or decline join requests (more on this in the API reference).

Data Access & Rate Limits

List Group Join Requests

• 300 per min per API key
• 90 per min per OAuth2 token

Accept Group Join Requests

• 100 per min per API key
• 90 per min per OAuth2 token

Decline Group Join Requests

• 100 per min per API key
• 90 per min per OAuth2 token

Users API

You might have noticed that GroupJoinRequest.user refers to a user. Wouldn’t it be nice if you could use that reference to find out more information about the user requesting to join a group? Now you can!

The User resource provides a consistent and secure way for you to fetch both public and scope-authorized private user information.

Use Cases

With the User resource, you can do the following:

• Get a user’s information to display in your app.
• Show a user’s current thumbnail in your app.
• Generate a user thumbnail with customized parameters.

Resource

The API introduces a new resource: User.

{
  "path": "users/11169952343",
  "createTime": "2023-10-18T20:55:40.030Z",
  "id": "11169952343",
  "name": "alphaomegatest",
  "displayName": "alphaomegatest",
  "about": "About me!!!",
  "locale": "en_us",
  "premium": false,
  "verified": true,
  "socialNetworkProfiles": {
    "facebook": "",
    "twitter": "",
    "youtube": "",
    "twitch": "",
    "guilded": "",
    "visibility": "FRIENDS_FOLLOWING_AND_FOLLOWERS"
  }
}

Access Public Data

These new methods will give you the ability to get user data and thumbnails. Public information (such as username, bio, etc.) will be available without any additional scope authorizations. You can access it with an API Key or any valid OAuth 2.0 access token.

Check out the API reference for more information.

Access Private Data

The User resource also includes some data that isn’t publicly accessible. You will need the scopes authorized for receiving that data. If your API Key/OAuth token doesn’t have the necessary scope, they will return their default values.

• If you use an API key and add those scopes, you can access your own data.
• If you use an OAuth2 token, you will need the user to grant those scopes to your token.

Below is the list of scopes and data they protect:

• user.advanced.read: premium, verified
• user.social.read: social network profiles

Data Access and Rate Limits

The rate limits for all the endpoints are:

• 1K per min per API key
• 10 per min per OAuth2 token

To learn more about the Users API, check out the API reference.

API key and OAuth2 Scope

API key

To create an API key, navigate to the API keys credentials page on the creator dashboard.

Groups Scopes

Go to Groups > Write to create an API key.

image41582×390 41.9 KB

Users Scopes

Go to Users > Read Private User Data or Users > Read Social Accounts to create an API key.

image21600×455 118 KB

OAuth2 Scope

To use the new group write permission using OAuth, navigate to the OAuth app credentials page on the creator dashboard.

Group Scopes

You will be able to create or update an app with the new group write scope.

image11117×501 56.1 KB

User Scopes

You will be able to create or update an app with the new users scopes.

image31209×116 16.3 KB

To learn more about Group Join Requests API and Users API, check out our docs. If you have feedback, please share with us below. You can also join our OAuth 2.0 group here if you would like access to our beta APIs.

We are excited to see what you will build!

This topic was automatically opened after 11 minutes.

Oh my days, this is so amazing! I can finally setup 3rd party group automations without needing to share my account cookie!

Amazing update as usual!

Do we have an ETA on group ranking too?

WOW.

I’m impressed now that we don’t have to handle third party software and instead use API cloud.

Could group ranking be coming soon through open cloud API? How will this work with group ranking?

Great job though!

To be honest, this is like the best update ever.

This update is pretty good!

Good work Roblox, keep the good update boat moving!

I’m gonna be the guy that asks: why is the user field not just the ID? Why does it have a namespace section attached?

Handling join requests by API is awesome! A very long requested feature, and I’m really glad we don’t need the cookie pain anymore (was difficult to communicate to the user)

Feels like ranking APIs are in the air…

This feature request is definitely on our radar, but can’t promise anything at the moment.

Users/RobloxId is a different endpoint you hit for user information, looks like this API is more spaced out and better organized (and security), then Roblox API which appreciated very much!

Now for my thoughts, OpenCloud was a bit overwhelming first as most of the endpoints are combined with each other, but as I’ve used it and interact with the documentation and all, it seems pretty easy.

I love the user/roblox_id separation, it’s amazing.

For anybody wondering, rblx-open-cloud has this built in already, and we’re working on a new documentation and new structure!

You can check out the github repo, and let us know your thoughts!

This is an overall design philosophy for Open Cloud APIs where the resources are identified by full resource paths. It makes it more clear what kind of value we are talking about and avoids confusion between domains. Users are top-level resources in this case.

Ideally in the future you wouldn’t have to ser/de too much between fully qualified and unqualified formats in a world where everything uses fully qualified format, but understandably you might need to in short-term.

If you have any feedback about this design consideration I recommend opening a separate feature request so the team can discuss specifically there.

Great! Goodbye to the rank bo-… Oh dang…

This is amazing! I love how you guys are working on more and more ways for us to easily implement Roblox’s API into our experiences. Just one question: when will group ranking release?

Hey folks, we have temporarily disabled some of the endpoints mentioned here due to an unforeseen issue. We will update you again once we re-enable the endpoints!

Update: re-enabled.

Pretty cool ngl. This is a very good update and could really benefit roleplaying groups with XP systems and such. Keep up the good work!

This is an amazing addition, but I am disappointed that socialNetworkProfiles does not include Discord, possibly the most relevant social network on Roblox.

Next add the ability to change people’s rank in the groups making bots non necessary.

Great step, hopefully don’t take years for it to be added, but at least it’s here.