Skip to main content

Creating a Roblox Open Cloud API Key

To enable advanced group management features in Technified (like promoting/demoting members), you’ll need to create a Roblox Open Cloud API Key with the appropriate permissions.
Open Cloud API Keys are Roblox’s modern, secure method for API access. They replace the older cookie-based authentication method.

Why Open Cloud?

Open Cloud API Keys provide several advantages:

Enhanced Security

Scoped permissions limit what each key can access

No Account Risk

Keys can’t access account settings or other sensitive data

Fine-Grained Control

Choose exactly which operations each key can perform

Easy Rotation

Revoke and regenerate keys without changing passwords

Prerequisites

Before creating an API key, ensure you have:
  • Group Ownership or Admin Role — You need sufficient permissions in the Roblox group
  • Two-Factor Authentication — Required for accessing Creator Dashboard
  • A Roblox Account with access to Creator Dashboard
For better security, consider creating a dedicated bot account for your API keys instead of using your main account. This limits the risk if a key is compromised.

Step-by-Step Guide

1

Access Creator Dashboard

Navigate to the Roblox Creator Dashboard
2

Open API Keys Section

  1. Click “Open Cloud” in the left sidebar
  2. Select “API Keys” from the menu
  3. You’ll see a list of your existing API keys (if any)
3

Create New Key

Click the “Create API Key” button in the top right corner
4

Name Your Key

Provide a descriptive name to help you identify this key later:
  • Example: Technified-GroupManagement
  • Example: Discord-Bot-GroupAPI
  • Example: [Your Server Name]-Technified
Clear naming helps when you need to revoke or rotate keys later.
5

Configure Permissions

This is the most important step! Select the API systems and operations needed for Technified:

Required Permissions

For full group management features, enable:
Select as a API System Groups Choose Group:Read and Group:Write This allows Technified to manage your group’s members and ranks.
6

Configure Security Options (Optional but Recommended)

Restrict which IP addresses can use this key:
  • Leave blank for Technified (our servers rotate IPs because we are using Cloudflare)
Do not use the IP Address restriction
7

Generate and Copy Key

  1. Click “Save and Generate Key”
  2. Roblox will display your API key once — copy it immediately
  3. The key will be a long randomized letters and numbers: WNJsjndwdwi39394943...
This is your only chance to copy the key!Roblox does not store the full key and cannot show it again. If you lose it, you’ll need to revoke it and create a new one.
Store the key securely:
  • Password manager (1Password, Bitwarden, etc.)
  • Secure notes app
  • Environment variables file (if self-hosting)
  • Never commit it to Git or share it publicly

Troubleshooting

Possible causes:
  • The API key was copied incorrectly
  • The key has been revoked
  • The key has expired
Solution:
  • Double-check you copied the entire key string (including Bearer prefix if present)
  • Verify the key is still active in Creator Dashboard
  • Generate a new key if necessary
Possible causes:
  • Missing required API scopes (Groups API)
  • Key doesn’t have access to the specific group
  • Account doesn’t have group admin permissions
Solution:
  • Recreate the key and ensure Groups API with Write permissions is enabled
  • Add the specific group ID to the key’s allowed groups list
  • Verify your Roblox account has appropriate rank in the group (admin/owner)
Cause: Groups API is only available for accounts with group ownership or high-ranking group rolesSolution:
  • Verify you’re logged into an account with group admin access
  • Check that the group exists and you have the correct permissions
  • Try creating the key from a group owner’s account
Solution: Unfortunately, lost keys cannot be recovered. You must:
  1. Go to Creator Dashboard → Open Cloud → API Keys
  2. Find the old key and click “Revoke”
  3. Create a new API key following the steps above
  4. Update the key in Technified dashboard
This is by design for security — keys are never stored in plain text by Roblox.

Security Best Practices

Only enable the API scopes you actually need:
  • If you only need to promote/demote → Enable Groups API Write
  • Don’t enable unnecessary APIs like “Data Stores” or “Messaging Service”
This follows the principle of least privilege.
For high-security groups:
  • Rotate API keys every 6-12 months
  • Rotate immediately if:
    • An admin with key access leaves your team
    • You suspect a key may have been exposed
    • There’s suspicious activity in your group
Regularly check your group’s audit logs for unusual activity:
  • Unexpected rank changes
  • Mass exiles
  • Unusual times for bot activity
If you notice anything suspicious, revoke the key immediately.
NEVER:
  • Post keys in Discord channels
  • Commit them to public GitHub repositories
  • Share them in screenshots
  • Include them in support tickets (DM privately if absolutely necessary)
ALWAYS:
  • Store in password managers
  • Use environment variables in code
  • Share only via encrypted channels with trusted admins

Managing Your API Keys

View Active Keys

To see all your active Open Cloud API keys:
  1. Go to Creator Dashboard
  2. Click “Open Cloud”“API Keys”
  3. You’ll see a list with:
    • Key name
    • Creation date
    • Expiration date (if set)
    • Last used date

Frequently Asked Questions

Yes, but it’s not recommended for security reasons. If one server’s configuration is compromised, all servers using that key are at risk. Create separate keys for each Discord server.
No. A single API key can have access to multiple groups. However, for organizational purposes, some users prefer one key per group.
  • Open Cloud API Keys: Modern, secure, scoped permissions, revocable, recommended
  • .ROBLOSECURITY Cookies: Legacy, full account access, harder to secure, deprecated
Always use Open Cloud when possible. Technified supports both but strongly recommends Open Cloud.
No. API keys are private to the account that created them. Group members cannot access or view your API keys, even if they’re admins.

Next Steps

Now that you’ve created your Open Cloud API key:

Group Binds Setup

Configure group management features in Technified

Role Bindings

Set up automatic role assignment based on Roblox ranks

Command Permissions

Control who can use group management commands

Best Practices

Security tips and recommendations

Additional Resources

Keep your API keys secure, grant minimal permissions, and rotate them regularly. If you have any questions, join our support server!