Hey, I want to make a verification system that checks if a person is following me on X/Twitter, I found this code on the dev forum but it doesn’t work, I have tried asking ChatGPT but it just put me trough a 2 hour long journey of the same errors.
I’d appreciate any help since I’m desperate honestly as I have no idea what to do.
Here is all the information about the Code:
The Code:
local XService = {}
local HttpService = game:GetService("HttpService")
local ReplicatedStorage = game:GetService("ReplicatedStorage")
local Link = "https://api.twitter.com/2/users/%s/following"
local Username = "TheHiddenModule"
local BearerToken = ""
local ApiKey = ""
local ApiKeySecret = ""
local UserId = HttpService:JSONDecode(HttpService:RequestAsync({Url = "https://api.twitter.com/2/users/by/username/" .. Username, Method = "GET", Headers = {["bearer_token"] = BearerToken, ["api_key"] = ApiKey, ["api_key_secret"] = ApiKeySecret}}))["data"]["id"]
function XService:IsFollowing(TargetName)
local TargetId = HttpService:JSONDecode(HttpService:RequestAsync({Url = "https://api.twitter.com/2/users/by/username/" .. TargetName, Method = "GET", Headers = {["bearer_token"] = BearerToken, ["api_key"] = ApiKey, ["api_key_secret"] = ApiKeySecret}}))["data"]["id"]
local Response = HttpService:JSONDecode(HttpService:RequestAsync({
Url = string.format(Link, UserId),
Method = "POST",
Headers = HttpService:JSONEncode({
["target_user_id"] = TargetId,
["bearer_token"] = BearerToken,
["api_key"] = ApiKey,
["api_key_secret"] = ApiKeySecret
})
}))
return Response['data']['following']
end
function XService:Init()
print(self:IsFollowing("Khelidria"))
ReplicatedStorage.Remotes.IsFollowing.OnServerInvoke = function(Player, Input)
return self:IsFollowing(Input)
end
end
return XService
The Error:
19:50:27.522 Header "bearer_token" has unallowed character "_" - Server - XService:13
19:50:27.522 Stack Begin - Studio
19:50:27.522 Script 'ServerScriptService.Modules.XService', Line 13 - Studio - XService:13
19:50:27.522 Stack End - Studio
Hi there, how were you expecting to retrieve their twitter username to check against your following list? Asking players for any sort of off-site identification is prohibited.
As for the error you are expereincing, its nothing new. Roblox has for some reason not allowed underscores(_) in header keys. A solution could be to try using a dash(-) instead, just to see if the twitter api will accept those. If not, you might have some luck in creating your own proxy that translates your requests with dashes(-) to requests with underscores( _) and sends that back.
And how is this prohibited? Games like Pet Simulator 99 have done this aswell.
This is the error I get:
20:05:50.656 Header "bearer-token" has unallowed character "%" in value "mybearertokenishere" - Server - XService:13
20:05:50.656 Stack Begin - Studio
20:05:50.656 Script 'ServerScriptService.Modules.XService', Line 13 - Studio - XService:13
20:05:50.656 Stack End - Studio
And provide us with the print so that we can see whats going wrong in that line… Of course, if theres any sensitive data in the response, censor it for us.
it won’t even go past the print, this is the error(its the same)
02:18:10.339 Header "bearer-token" has unallowed character "%" in value "censoredbearertoken" - Server - XService:13
02:18:10.339 Stack Begin - Studio
02:18:10.339 Script 'ServerScriptService.Modules.XService', Line 13 - Studio - XService:13
02:18:10.339 Stack End - Studio
I suggest looking up, just on google, solutions to your problem. In this case, both in the original post and in this reply, simply copy and pasting the error text, without your specific variable names, into google results in a few working answers.
You can just connect your twitter to roblox so why should this be against the ToS and if so you can easily bypass it by just getting the connections from a roblox user and check if he follows on twitter the result would be the same
PII is information that can be used to link users across accounts either on or off roblox. Ex. User562 tells you their twitter username is “StaryNight456”, and then they join the game again, under a new account, “User95” and tells you their twitter username is once again StaryNight456, that just created a link between two different accounts and also identified them off of roblox. Now, in most cases this is strictly not allowed but after quickly reading the TOS I noticed this bulletpoint.
The notable part is that it says “not linked to Roblox” now, this could mean accounts like twitter, youtube, etc, that are allowed in the socials sections of profiles and games are linked to roblox and are allowed to be requested, or it means that only official roblox links can be requested. Which is it, we don’t know.
So there is a conflict here and I suggest that you navigate it carefully, don’t store players usernames, and definently make sure you wrap this whole thing in the PolicyService to make sure only users who are over 13 can see the twitter prompt.