You should use the web-browser debugging tools to figure out web APIs like this.
I have a project that does what you’re after.
The API is this:
https://economy.roblox.com/v1/purchases/products/<productId>
To use it, you first need to send a GET request for a catalog item page. The Classic Swordpack for example:
GET https://www.roblox.com/catalog/106690045
You then need to extract a bunch of information from it:
- The XSRF token
- The product ID (different from an asset ID)
- The price
I leave it up to you to find out where these things are located in the HTML.
You also need your ROBLOSECURITY cookie to authenticate yourself.
Then you need to do a POST request.
POST https://economy.roblox.com/v1/purchases/products/15194787
X-CSRF-TOKEN: blah-token-blah
Content-Type: application/json; charset=utf-8
Cookie: .ROBLOSECURITY=ScaryTextThatsSensitive;
{"expectedCurrency":1,"expectedPrice":150,"expectedSellerId":1}
You should then check the response, (which is more JSON) to see whether it succeeded.