0

in general, I'm trying to log in to the roblox via API requests, but I ran into such a problem that when sending a request to https://apis.roblox.com/challenge/v1/continue I get this in response:

{ "statusCode": 403, "statusText": "Forbidden", "errors": [ { "code": 1, "message": "an internal error occurred" } ] }

No matter how much I try to change, add, and so on, nothing helps, I no longer know what to do.

Code:

<?php
$request_body = file_get_contents('php://input');
$request_body = json_decode($request_body, true);
function get_csrf_token() {
 $csrf_url = "https://www.roblox.com";
 $csrf_headers = ["User-Agent: Mozilla/5.0"];
 $ch = curl_init();
 curl_setopt($ch, CURLOPT_URL, $csrf_url);
 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
 curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
 curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
 curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "GET");
 curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
 curl_setopt($ch, CURLOPT_HEADER, true);
 
 curl_setopt($ch, CURLOPT_HTTPHEADER, $csrf_headers);
 $csrf_response = curl_exec($ch);
 curl_close($ch);
 
 preg_match('/meta name="csrf-token" data-token="(.*?)"/', $csrf_response, $matches);
 $csrf_token = $matches[1] ?? null;
 return $csrf_token;
};
$csrf_token = get_csrf_token();
function continue_load($challengeId, $unifiedCaptchaId, $captchaToken, $actionType, $challengeType) {
 $login_url = "https://apis.roblox.com/challenge/v1/continue";
 $login_data = [
 "challengeId" => $challengeId,
 "challengeMetadata" => json_encode([
 "unifiedCaptchaId" => $unifiedCaptchaId,
 "captchaToken" => $captchaToken,
 "actionType" => $actionType
 ]),
 "challengeType" => $challengeType
 ];
 
 $headers = [
 "Content-Type: application/json",
 "User-Agent: Mozilla/5.0",
 "X-Csrf-Token: " . $csrf_token
 ];
 
 $options = [
 CURLOPT_URL => $login_url,
 CURLOPT_POST => true,
 CURLOPT_POSTFIELDS => json_encode($login_data),
 CURLOPT_HTTPHEADER => $headers,
 CURLOPT_RETURNTRANSFER => true,
 CURLOPT_COOKIEJAR => $cookie_string,
 CURLOPT_COOKIEFILE => $cookie_string
 ];
 
 $ch = curl_init();
 curl_setopt_array($ch, $options);
 $response = curl_exec($ch);
 curl_close($ch);
 return $response;
}
$login_response = continue_load($request_body['challengeId'], $request_body['unifiedCaptchaId'], $request_body['captchaToken'], "Login", "captcha");
print_r($login_response);
print_r($login_data);
?>
VLAZ
29.6k9 gold badges65 silver badges88 bronze badges
asked Mar 2, 2025 at 12:55
1
  • I know absolutely nothing about Roblox, so pardon my ignorance. Can you post a link to the documentation for the API(s) you are trying to interact with? Commented Mar 3, 2025 at 15:25

0

Know someone who can answer? Share a link to this question via email, Twitter, or Facebook.

Your Answer

Draft saved
Draft discarded

Sign up or log in

Sign up using Google
Sign up using Email and Password

Post as a guest

Required, but never shown

Post as a guest

Required, but never shown

By clicking "Post Your Answer", you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.