blake-mealey / mantle

An infrastructure-as-code and deployment tool for Roblox.
https://mantledeploy.vercel.app/
MIT License

rbx_cookie references out of date credential schema #197

Closed hello-42 closed 10 months ago

hello-42 commented 10 months ago

Issue:

Roblox no longer adds/overwrites the generic credential to the address: https://www.roblox.com:RobloxStudioAuth.ROBLOSECURITY.

But does so in a nearly identical fashion: https://www.roblox.com:RobloxStudioAuth.ROBLOSECURITY{userId} - where 'userId' is the account id of the player.

Background:

I found this out after recently installing Windows 11 on two systems, only to attempt to run a Lune script that uses its built-in roblox library and that library's getAuthCookie() function, returning a .ROBLOSECURITY cookie to make HTTP calls with. getAuthCookie() returned nil as my cookie, and I'm unable to use any services provided by Roblox that require the security cookie.

Under the hood, Lune's roblox library uses rbx_cookie to retrieve the auth cookie. rbx_cookie itself appears to specifically reference the first address in this issue in how it concatenates a credential's address.

This does not support Roblox's new methodology, where they suffix the userId of an associated account to the credential key. A change should be made to alleviate this issue in the future.

I asked open source community members for aid on this issue, and it was noted that everyone has a generic credential to the first address in this post, last modified in May 2023, and that I do not. I attempted to shut down both systems, my phone, and as well, re-install the Roblox app and Roblox Studio, and re-log into my account on all platforms and devices. None of these actions solved the issue.

funwolf7 commented 10 months ago

Adding to this, the UserId you are logged into seems to be stored at https://www.roblox.com:RobloxStudioAuthuserid, which should allow us to then get the ROBLOSECURITY token using that UserId. Windows Credential Manager shows it as last updated today, so it is still in use, and I was able to decode it and verify that it stores my UserId (it is a big-endian UTF-8 string of your UserId).

blake-mealey commented 10 months ago

This is fixed in the latest versions of all the packages this repo maintains. Thanks for the report!
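
The lookup order described in the comments above, as an added example (not rbx_cookie's actual code): build the userId-suffixed credential name first and fall back to the legacy name. The function names, the sample id `1234567`, and the assumption that the stored blob is plain UTF-8 decimal digits are illustrative.

```rust
// Added illustration; not code from rbx_cookie or mantle. All function names are hypothetical.
const BASE: &str = "https://www.roblox.com:RobloxStudioAuth";

/// Name of the generic credential that holds the logged-in UserId.
pub fn userid_target() -> String {
    format!("{}userid", BASE)
}

/// Decode the blob stored under `userid_target()`.
/// Assumption: the blob is UTF-8 decimal digits; trailing NULs or whitespace are tolerated.
/// Anything else is rejected so an unexpected blob never ends up inside a lookup key.
pub fn parse_user_id(blob: &[u8]) -> Option<String> {
    let text = std::str::from_utf8(blob).ok()?;
    let id = text.trim_matches(|c: char| c == '\0' || c.is_whitespace());
    // A u64 has at most 20 decimal digits.
    if id.is_empty() || id.len() > 20 || !id.bytes().all(|b| b.is_ascii_digit()) {
        return None;
    }
    Some(id.to_string())
}

/// Credential names to try, in order: the new userId-suffixed name (when a
/// valid id is available), then the legacy unsuffixed name.
pub fn cookie_targets(userid_blob: Option<&[u8]>) -> Vec<String> {
    let mut targets = Vec::new();
    if let Some(id) = userid_blob.and_then(parse_user_id) {
        targets.push(format!("{}.ROBLOSECURITY{}", BASE, id));
    }
    targets.push(format!("{}.ROBLOSECURITY", BASE));
    targets
}

fn main() {
    // Constructed sample blob, not a real account id.
    for target in cookie_targets(Some(&b"1234567"[..])) {
        println!("{}", target);
    }
}
```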