@adcp/sdk API Reference - v10.0.1
    Preparing search index...

    Interface CheckGovernanceResponse

    Governance agent's response to a check request. Returns whether the action is approved under the governance plan.

    interface CheckGovernanceResponse {
        adcp_version?: string;
        adcp_major_version?: number;
        check_id: string;
        verdict: GovernanceDecision;
        plan_id: string;
        explanation: string;
        findings?: {
            category_id: string;
            policy_id?: string;
            source_plan_id?: string;
            severity: EscalationSeverity;
            explanation: string;
            details?: {};
            confidence?: number;
            uncertainty_reason?: string;
        }[];
        conditions?: { field: string; required_value?: unknown; reason: string }[];
        expires_at?: string;
        next_check?: string;
        categories_evaluated?: string[];
        policies_evaluated?: string[];
        mode?: GovernanceMode;
        governance_context?: string;
        context?: ContextObject;
        ext?: ExtensionObject;
    }
    Index

    Properties

    adcp_version?: string

    Release-precision AdCP version (VERSION.RELEASE, e.g. "3.0", "3.1", "3.1-beta"). On a request: the buyer's release pin — the seller validates against its supported_versions and returns VERSION_UNSUPPORTED on cross-major mismatch, or downshifts to the highest supported release within the same major. On a response: the release the seller actually served — clients SHOULD validate the response against that release's schema, not against their pin. Patches are not negotiated; surface them as build_version on capabilities for operational visibility. When omitted, falls back to adcp_major_version (deprecated) or server default. Buyers SHOULD emit both adcp_version and adcp_major_version through 3.x to remain compatible with sellers that only read the legacy field. NORMALIZATION: SDKs that read full-semver values from bundle metadata (e.g. ComplianceIndex.published_version = "3.1.0-beta.1") MUST normalize to release-precision ("3.1-beta.1") before emitting on the wire — meta-field values are NOT valid wire values.

    adcp_major_version?: number

    DEPRECATED in favor of adcp_version (release-precision string). Servers MUST continue to honor this field through 3.x. Removed in 4.0. Original semantics: the AdCP major version the buyer's payloads conform to. Sellers validate against their supported major_versions and return VERSION_UNSUPPORTED if unsupported. When omitted, the seller assumes its highest supported version.

    check_id: string

    Unique identifier for this governance check record. Use in report_plan_outcome to link outcomes to the check that authorized them.

    verdict: GovernanceDecision
    plan_id: string

    Echoed from request.

    explanation: string

    Human-readable explanation of the governance decision.

    findings?: {
        category_id: string;
        policy_id?: string;
        source_plan_id?: string;
        severity: EscalationSeverity;
        explanation: string;
        details?: {};
        confidence?: number;
        uncertainty_reason?: string;
    }[]

    Specific issues found during the governance check. Present when verdict is 'denied' or 'conditions'. MAY also be present on 'approved' for informational findings (e.g., budget approaching limit).

    Type Declaration

    • category_id: string

      Validation category that flagged the issue (e.g., 'budget_compliance', 'regulatory_compliance', 'brand_safety'). This is an agent-internal taxonomy: the string is defined by the governance agent's own policy model and is not constrained to any protocol-level enum. Sellers and buyers MUST NOT pattern-match category_id values against a fixed list — treat them as opaque labels with human-readable significance for audit but no machine-level contract. See the Campaign Governance specification for how an agent composes internal specialist review behind one endpoint.

    • Optionalpolicy_id?: string

      ID of the policy that triggered this finding. May reference a registry policy (with source: registry) or a bespoke inline policy (with source: inline). Bespoke policy_ids are unique within their authoring container; use source_plan_id when findings aggregate across multiple plans (e.g., portfolio evaluations). When the violation traces to a producer-tagged surface (feature-requirement, creative-feature-result, or validation-result feature) carrying policy_id, governance agents SHOULD echo that policy_id here for end-to-end traceability, and MUST NOT invent a policy_id that wasn't present on the originating surface. See /docs/governance/policy-attribution.

    • Optionalsource_plan_id?: string

      For portfolio or aggregated evaluations where findings draw on bespoke policies from multiple member plans: identifies the plan whose policy triggered this finding. Omit when the finding's policy_id is unambiguous within the response context (e.g., single-plan check_governance).

    • severity: EscalationSeverity
    • explanation: string

      Human-readable description of the issue.

    • Optionaldetails?: {}

      Structured details for programmatic consumption.

    • Optionalconfidence?: number

      Confidence score (0-1) in this finding. Distinguishes 'this definitely violates the policy' (0.95) from 'this might violate depending on how audience segments resolve' (0.6). When absent, the finding is presented without a confidence qualifier.

      0

      1

    • Optionaluncertainty_reason?: string

      Explanation of why confidence is below 1.0 (e.g., 'Targeting includes regions that partially overlap jurisdiction boundaries'). Present when confidence is below a governance-agent-defined threshold.

    conditions?: { field: string; required_value?: unknown; reason: string }[]

    Present when verdict is 'conditions'. Specific adjustments the caller must make. After applying conditions, the caller MUST re-call check_governance with the adjusted parameters before proceeding.

    Type Declaration

    • field: string

      Dot-path to the field that needs adjustment (in payload for proposed, in planned_delivery for committed).

    • Optionalrequired_value?: unknown

      The value the field must have for approval. When present, the condition is machine-actionable. When absent, the condition is advisory.

    • reason: string

      Why this condition is required.

    expires_at?: string

    When this approval expires. Present when verdict is 'approved' or 'conditions'. The caller must act before this time or re-call check_governance. A lapsed approval is no approval.

    date-time

    next_check?: string

    When the seller should next call check_governance with delivery metrics. Present when the governance agent expects ongoing delivery reporting.

    date-time

    categories_evaluated?: string[]

    Governance categories evaluated during this check. Each value is an agent-internal label (e.g., budget_authority, regulatory_compliance, or any internal-reviewer key the agent's policy model defines) — not a protocol-level enum. Since one governance agent per account composes all specialist review behind its single endpoint, categories_evaluated is how that internal decomposition surfaces to auditors. Consumers MUST treat values as opaque labels for display and audit, not as a machine-level contract.

    policies_evaluated?: string[]

    Policy IDs evaluated during this check. Includes registry policy IDs (resolved via the policy registry) and any inline policy_ids declared in the plan's custom_policies.

    mode?: GovernanceMode
    governance_context?: string

    Governance context token for this governed action. The buyer MUST attach this to the protocol envelope when sending the purchase request (media buy, rights acquisition, signal activation) to the seller. The seller MUST persist it and include it on all subsequent check_governance calls for this action's lifecycle.

    Value format: in 3.0 governance agents MUST emit a compact JWS per the AdCP JWS profile (see Security — Signed Governance Context). Sellers MAY verify; sellers that do not verify MUST persist and forward the token unchanged so auditors can verify downstream. In 3.1 all sellers MUST verify per the checklist. Non-JWS values from pre-3.0 governance agents are deprecated and will be rejected in 3.1.

    Sellers that implement verification MUST verify signature, aud, exp, jti replay, and revocation per the profile before treating the request as governance-approved. This is the primary correlation key for audit and reporting across the governance lifecycle — the governance agent decodes its own signed token to look up internal plan state (buyer correlation IDs, policy decision log, etc.).

    1

    4096

    ^[\x20-\x7E]+$

    context?: ContextObject
    ext?: ExtensionObject