Optionaloptions: ImplicitAccountStoreOptions<TCtxMeta>ReadonlyresolutionHow buyers reference accounts on this platform.
'explicit' — buyer passes account_id inline on every request (Snap,
Meta, GAM via Network/Company id). The default.'implicit' — buyer must sync_accounts first; subsequent requests are
resolved from the auth principal's pre-synced linkage (LinkedIn, some
retail-media operators). Framework refuses inline account_id references
for these platforms — emits AdcpError('INVALID_REQUEST', { field: 'account.account_id' }) before reaching accounts.resolve. The
brand+operator union arm is permitted (used during the initial
sync_accounts flow); only account_id-shaped references are rejected.'derived' — single-tenant agents where there is no account_id on the
wire at all and the auth principal alone identifies the tenant. Most
self-hosted broadcasters and retail-media operators in proxy mode.
Framework refuses inline account_id references for these platforms —
same AdcpError('INVALID_REQUEST', { field: 'account.account_id' })
shape as 'implicit', but with a single-tenant message instead of the
sync_accounts-first guidance (no sync_accounts step exists in
derived mode). The brand+operator union arm is permitted.Defaults to 'explicit' when omitted.
Return the number of principal → accounts linkages currently stored.
Resolve the caller's account from the auth-principal→account mapping
populated by a prior sync_accounts call.
Returns null (→ ACCOUNT_NOT_FOUND) when:
sync_accounts was called for this principalttlMsctx.authInfo is absent or carries no extractable keyMulti-account note. When a buyer synced multiple refs in one
sync_accounts call, this implementation returns the first stored
account. If your platform requires per-request account disambiguation
(e.g., different brands on the same buyer), switch to 'explicit' mode
so buyers pass ext.account_ref on each request, or override keyFn
to encode the brand into the key.
Optionalctx: ResolveContextProcess a sync_accounts payload: build accounts from refs and store
them under the caller's auth key.
The auth key is extracted from ctx.authInfo via keyFn. When the
key cannot be derived (no credential or unrecognized credential kind),
all refs are returned as SYNC_FAILED rows — a silent-success-then-
mystery-failure sequence is worse than an explicit error. Check your
authenticate callback and keyFn if you see this error.
When ctx.authInfo is absent (unauthenticated call), all refs fail
with UNAUTHENTICATED. Your authenticate callback in
serve({ authenticate }) should reject unauthenticated requests before
reaching this method.
Optionalctx: ResolveContextRemove all stored sync linkages.
Return the auth key that would be derived from authInfo.
Useful in tests to assert that a specific principal's linkage was stored.
In-memory
AccountStoreforresolution: 'implicit'platforms.Wire contract:
sync_accounts→ framework callsupsert()→ store recordsauthKey → accounts[].create_media_buy) withoutext.account_ref→ framework callsresolve(undefined, ctx)→ store looks up byauthKey.resolve()returnsnull→ framework emitsACCOUNT_NOT_FOUND. Do NOT returnAUTH_REQUIRED— that signals missing credentials, not a missing pre-sync.This class is intentionally minimal. Copy-and-adapt for durable stores (Postgres, Redis); see
docs/guides/account-resolution.mdfor the DDL reference and the key-derivation rationale.Example