Core AdCP protocol information
AdCP major versions supported by this seller. Major versions indicate breaking changes. When multiple versions are listed, the buyer declares its version via the adcp_major_version field on requests.
Idempotency semantics for mutating requests. Sellers MUST declare whether they honor idempotency_key replay protection so buyers can reason about safe retry behavior. Modeled as a discriminated union on the supported boolean so that code generators produce two named types (IdempotencySupported, IdempotencyUnsupported) with the replay_ttl_seconds invariant enforced at the type level — draft-07 if/then would be dropped by most generators (openapi-typescript, zod-to-json-schema, datamodel-code-generator pre-0.25, quicktype). Clients MUST NOT assume a default — a seller without this declaration is non-compliant and should be treated as unsafe for retry-sensitive operations.
AdCP protocols this agent supports. Each value both (a) declares which tools the agent implements and (b) commits the agent to pass the baseline compliance storyboard at /compliance/{version}/protocols/{protocol}/ (with snake_case → kebab-case path mapping, e.g. media_buy → /compliance/.../protocols/media-buy/). Compliance testing support is declared separately via the compliance_testing capability block (below), not as a protocol claim.
OptionalaccountAccount management capabilities. Required when media_buy is in supported_protocols; optional otherwise. Describes how accounts are established, what billing models are supported, and whether an account is required before browsing products.
Optionalrequire_operator_auth?: booleanWhether the seller requires operator-level credentials. When true (explicit accounts), operators authenticate independently with the seller and the buyer discovers accounts via list_accounts. When false (default, implicit accounts), the seller trusts the agent's identity claims — the agent authenticates once and declares brands/operators via sync_accounts.
Optionalauthorization_endpoint?: stringOAuth authorization endpoint for obtaining operator-level credentials. Present when the seller supports OAuth for operator authentication. The agent directs the operator to this URL to authenticate and obtain a bearer token. If absent and require_operator_auth is true, operators obtain credentials out-of-band (e.g., seller portal, API key).
Optionalsupported_billing?: BillingParty[]Billing models this seller supports. operator: seller invoices the operator (agency or brand buying direct). agent: agent consolidates billing. advertiser: seller invoices the advertiser directly, even when a different operator places orders on their behalf. The buyer must pass one of these values in sync_accounts.
Optionalrequired_for_products?: booleanWhether an account reference is required for get_products. When true, the buyer must establish an account before browsing products. When false (default), the buyer can browse products without an account — useful for price comparison and discovery before committing to a seller.
Optionalaccount_financials?: booleanWhether this seller supports the get_account_financials task for querying account-level financial status (spend, credit, invoices). Only applicable to operator-billed accounts.
Optionalsandbox?: booleanWhether this seller supports sandbox accounts for testing. Buyers can provision a sandbox account via sync_accounts with sandbox: true, and all requests using that account_id will be treated as sandbox — no real platform calls or spend.
Optionalmedia_Media-buy protocol capabilities. Expected when media_buy is in supported_protocols. Sellers declaring media_buy MUST include account with supported_billing.
Optionalsupported_pricing_models?: PricingModel[]Pricing models this seller supports across its product portfolio. Buyers can use this for pre-flight filtering before querying individual products. Individual products may support a subset of these models.
Optionalreporting_delivery_methods?: ("webhook" | "offline")[]How this seller delivers reporting data to buyers. Polling via get_media_buy_delivery is always available as a baseline regardless of this field. This array declares additional push-based delivery methods the seller supports. 'webhook': seller pushes to buyer-provided URL (configured per buy via reporting_webhook). 'offline': seller pushes batch files to a cloud storage bucket (seller-provisioned per account via reporting_bucket on the account object). When absent, only polling is available.
Optionaloffline_delivery_protocols?: CloudStorageProtocol[]Cloud storage protocols this seller supports for offline file delivery. Only meaningful when reporting_delivery_methods includes 'offline'. Buyers express a protocol preference in sync_accounts; the seller provisions the account's reporting_bucket using a supported protocol.
Optionalfeatures?: MediaBuyFeaturesOptionalexecution?: {Technical execution capabilities for media buying
Optionaltrusted_match?: {Trusted Match Protocol (TMP) support. Presence of this object indicates the seller has TMP infrastructure deployed. Check individual products via get_products for per-product TMP capabilities.
Optionalsurfaces?: (Surface types this seller supports via TMP.
Optionalaxe_integrations?: string[]Deprecated. Legacy AXE integrations. Use trusted_match for new integrations.
Optionalcreative_specs?: {Creative specification support
Optionalvast_versions?: string[]VAST versions supported for video creatives
Optionalmraid_versions?: string[]MRAID versions supported for rich media mobile creatives
Optionalvpaid?: booleanVPAID support for interactive video ads
Optionalsimid?: booleanSIMID support for interactive video ads
Optionaltargeting?: {Targeting capabilities. If declared true/supported, buyer can use these targeting parameters and seller MUST honor them.
Optionalgeo_countries?: booleanCountry-level targeting using ISO 3166-1 alpha-2 codes
Optionalgeo_regions?: booleanRegion/state-level targeting using ISO 3166-2 codes (e.g., US-NY, GB-SCT)
Optionalgeo_metros?: {Metro area targeting. Properties indicate which classification systems are supported.
Optionalgeo_postal_areas?: {Postal area targeting. Properties indicate which postal code systems are supported.
Optionalage_restriction?: { supported?: boolean; verification_methods?: AgeVerificationMethod[] }Age restriction capabilities for compliance (alcohol, gambling)
Optionalsupported?: booleanWhether seller supports age restrictions
Optionalverification_methods?: AgeVerificationMethod[]Age verification methods this seller supports
Optionallanguage?: booleanWhether seller supports language targeting (ISO 639-1 codes)
Optionalkeyword_targets?: { supported_match_types: MatchType[] }Keyword targeting capabilities. Presence indicates support for targeting_overlay.keyword_targets and keyword_targets_add/remove in update_media_buy.
Match types this seller supports for keyword targets. Sellers must reject goals with unsupported match types.
Optionalnegative_keywords?: { supported_match_types: MatchType[] }Negative keyword capabilities. Presence indicates support for targeting_overlay.negative_keywords and negative_keywords_add/remove in update_media_buy.
Match types this seller supports for negative keywords. Sellers must reject goals with unsupported match types.
Optionalgeo_proximity?: {Proximity targeting capabilities from arbitrary coordinates via targeting_overlay.geo_proximity.
Optionalradius?: booleanWhether seller supports simple radius targeting (distance circle from a point)
Optionaltravel_time?: booleanWhether seller supports travel time isochrone targeting (requires a routing engine)
Optionalgeometry?: booleanWhether seller supports pre-computed GeoJSON geometry (buyer provides the polygon)
Optionaltransport_modes?: TransportMode[]Transport modes supported for travel_time isochrones. Only relevant when travel_time is true.
Optionalaudience_targeting?: {Audience targeting capabilities. Presence of this object indicates the seller supports audience targeting, including sync_audiences and audience_include/audience_exclude in targeting overlays.
PII-derived identifier types accepted for audience matching. Buyers should only send identifiers the seller supports.
Optionalsupports_platform_customer_id?: booleanWhether the seller accepts the buyer's CRM/loyalty ID as a matchable identifier. Only applicable when the seller operates a closed ecosystem with a shared ID namespace (e.g., a retailer matching against their loyalty program). When true, buyers can include platform_customer_id values in AudienceMember.identifiers for matching against the seller's identity graph. Reporting on matched platform_customer_ids typically requires a clean room or the seller's own reporting surface.
Optionalsupported_uid_types?: UIDType[]Universal ID types accepted for audience matching (MAIDs, RampID, UID2, etc.). MAID support varies significantly by platform — check this field before sending uids with type: maid.
Minimum matched audience size required for targeting. Audiences below this threshold will have status: too_small. Varies by platform (100–1000 is typical).
Optionalmatching_latency_hours?: { min?: number; max?: number }Expected matching latency range in hours after upload. Use to calibrate polling cadence and set appropriate expectations before configuring push_notification_config.
Optionalmin?: numberOptionalmax?: numberOptionalconversion_tracking?: {Seller-level conversion tracking capabilities. Presence of this object indicates the seller supports sync_event_sources and log_event for conversion event tracking.
Optionalmulti_source_event_dedup?: booleanWhether this seller can deduplicate conversion events across multiple event sources within a single goal. When true, the seller honors the deduplication semantics in optimization_goals event_sources arrays — the same event_id from multiple sources counts once. When false or absent, buyers should use a single event source per goal; multi-source arrays will be treated as first-source-wins. Most social platforms cannot deduplicate across independently-managed pixel and CAPI sources.
Optionalsupported_event_types?: EventType[]Event types this seller can track and attribute. If omitted, all standard event types are supported.
Optionalsupported_uid_types?: UIDType[]Universal ID types accepted for user matching
Optionalsupported_hashed_identifiers?: ("hashed_email" | "hashed_phone")[]Hashed PII types accepted for user matching. Buyers must hash before sending (SHA-256, normalized).
Optionalsupported_action_sources?: ActionSource[]Action sources this seller accepts events from
Optionalattribution_windows?: { event_type?: EventType; post_click: Duration[]; post_view?: Duration[] }[]Attribution windows available from this seller. Single-element arrays indicate fixed windows; multi-element arrays indicate configurable options the buyer can choose from via attribution_window on optimization goals.
Optionalcontent_standards?: {Content standards implementation details. Presence of this object indicates the seller supports content_standards configuration including sampling rates and category filtering. Gives buyers pre-buy visibility into local evaluation and artifact delivery capabilities.
Optionalsupports_local_evaluation?: booleanWhether the seller runs a local evaluation model. When false, all artifacts will have local_verdict: 'unevaluated' and the failures_only filter on get_media_buy_artifacts is not useful.
Optionalsupported_channels?: MediaChannel[]Channels for which the seller can provide content artifacts. Helps buyers understand which parts of a mixed-channel buy will have content standards coverage.
Optionalsupports_webhook_delivery?: booleanWhether the seller supports push-based artifact delivery via artifact_webhook configured at buy creation time.
Optionalportfolio?: {Information about the seller's media inventory portfolio. Expected for media_buy sellers — buyers use this to understand inventory coverage and verify authorization via adagents.json.
Publisher domains this seller is authorized to represent. Buyers should fetch each publisher's adagents.json for property definitions.
Optionalprimary_channels?: MediaChannel[]Primary advertising channels in this portfolio
Optionalprimary_countries?: string[]Primary countries (ISO 3166-1 alpha-2) where inventory is concentrated
Optionaldescription?: stringMarkdown-formatted description of the inventory portfolio
Optionaladvertising_policies?: stringAdvertising content policies, restrictions, and guidelines
OptionalsignalsSignals protocol capabilities. Only present if signals is in supported_protocols.
Optionaldata_provider_domains?: string[]Data provider domains this signals agent is authorized to resell. Buyers should fetch each data provider's adagents.json for signal catalog definitions and to verify authorization.
Optionalfeatures?: { catalog_signals?: boolean; [k: string]: boolean | undefined }Optional signals features supported
Optionalcatalog_signals?: booleanSupports signals from data provider catalogs with structured signal_id references
OptionalgovernanceGovernance protocol capabilities. Only present if governance is in supported_protocols. Governance agents provide property and creative data like compliance scores, brand safety ratings, sustainability metrics, and creative quality assessments.
Optionalaggregation_window_days?: numberTrailing window (in days) over which this governance agent aggregates committed spend when evaluating dollar-valued thresholds (reallocation_threshold, human_review triggers, registry-policy floors). Required for fragmentation defense: without aggregation, a buyer can split a single large spend into many sub-threshold commits across plans / task surfaces / time and bypass every dollar-gated escalation. Aggregation is keyed on (buyer_agent, seller_agent, account_id) and spans all spend-commit task types. Upper bound 365 represents a one-year trailing window (fiscal-year alignment with grace); governance agents needing longer scopes negotiate via operator sign-off, not this capability. No schema default: absence of this field indicates the governance agent has not committed to any aggregation window and buyers MUST assume per-commit evaluation only (the fragmentation attack surface is open). A declared value of 30 is a common starting point but is not implied by omission. Buyers depending on a specific window for compliance MUST check this capability before relying on aggregation semantics — an agent declaring 7 days does not defend against fragmentation spread across a 30-day quarter-end push.
Optionalproperty_features?: {Property features this governance agent can evaluate. Each feature describes a score, rating, or certification the agent can provide for properties.
Optionalcreative_features?: {Creative features this governance agent can evaluate. Each feature describes a score, rating, or assessment the agent can provide for creatives (e.g., security scanning, creative quality, content categorization).
Optionalsponsored_Sponsored Intelligence protocol capabilities. Only present if sponsored_intelligence is in supported_protocols. SI agents handle conversational brand experiences.
SI agent endpoint configuration
Available protocol transports. Hosts select based on their capabilities.
Optionalpreferred?: "mcp" | "a2a"Preferred transport when host supports multiple
Optionalbrand_url?: stringURL to brand.json with colors, fonts, logos, tone
OptionalbrandBrand protocol capabilities. Only present if brand is in supported_protocols. Brand agents provide identity data (logos, colors, tone, assets) and optionally rights clearance for licensable content (talent, music, stock media).
Optionalrights?: booleanSupports get_rights and acquire_rights for rights discovery and clearance
Optionalright_types?: RightType[]Types of rights available through this agent
Optionalavailable_uses?: RightUse[]Rights uses available across this agent's roster
Optionalgeneration_providers?: string[]LLM/generation providers this agent can issue credentials for
Optionaldescription?: stringDescription of the agent's brand protocol capabilities
OptionalcreativeCreative protocol capabilities. Only present if creative is in supported_protocols.
Optionalsupports_compliance?: booleanWhen true, this creative agent can process briefs with compliance requirements (required_disclosures, prohibited_claims) and will validate that disclosures can be satisfied by the target format.
Optionalhas_creative_library?: booleanWhen true, this agent hosts a creative library and supports list_creatives and creative_id references in build_creative. Creative agents with a library should also implement the accounts protocol (sync_accounts / list_accounts) so buyers can establish access.
Optionalsupports_generation?: booleanWhen true, this agent can generate creatives from natural language briefs via build_creative. The buyer provides a message with creative direction, and the agent produces a manifest with generated assets. When false, build_creative only supports transformation or library retrieval.
Optionalsupports_transformation?: booleanWhen true, this agent can transform or resize existing manifests via build_creative. The buyer provides a creative_manifest and a target_format_id, and the agent adapts the creative to the new format.
Optionalrequest_RFC 9421 HTTP Signatures support for incoming requests. Optional in 3.0 — capability-advertised so counterparties can opt into signing selectively. Required for spend-committing operations in 4.0 (the next breaking-changes accumulation window). The full profile is defined in docs/building/implementation/security.mdx (Signed Requests (Transport Layer)).
Whether this agent verifies RFC 9421 signatures on incoming requests. When true, signatures present on requests are validated per the AdCP request-signing profile. When false or absent, signatures are ignored (requests are bearer-authenticated only).
Optionalcovers_content_digest?: "required" | "forbidden" | "either"Policy for content-digest coverage in request signatures. 'required': signers MUST cover content-digest (body is bound to the signature); body-unbound signatures rejected with request_signature_components_incomplete. 'forbidden': signers MUST NOT cover content-digest; body-bound signatures rejected with request_signature_components_unexpected. This is an opt-out for the narrow case of legacy infrastructure that cannot preserve body bytes. 'either' (default): signer chooses per-request; verifier accepts both covered and uncovered forms. 'required' is recommended for spend-committing operations in production; 4.0 recommends 'required' for those operations.
Optionalrequired_for?: string[]AdCP protocol operation names (e.g., 'create_media_buy') for which this agent rejects unsigned requests with request_signature_required. Not MCP tool names, A2A skill names, or any transport-specific rename — verifiers MUST NOT accept operation names that are not defined by the AdCP protocol spec. Empty in 3.0 by default; sellers populate selectively during per-counterparty pilots. In 4.0 this list MUST include all spend-committing operations the agent supports (create_media_buy, acquire_*, etc.). Counterparties MUST sign any listed operation.
Optionalwarn_for?: string[]AdCP protocol operation names for which this agent verifies signatures when present and logs failures but does NOT reject the request. Used as a shadow-mode bridge between supported_for and required_for: the verifier surfaces failure rates in monitoring before flipping an operation to required. Precedence: required_for > warn_for > supported_for. An operation in required_for ignores warn_for. Counterparties SHOULD sign operations in warn_for; verifiers MUST NOT reject if the signature is missing or invalid.
Optionalsupported_for?: string[]AdCP protocol operation names for which this agent verifies signatures when present but does not require them. Counterparties SHOULD sign operations in this list. Typically a superset of required_for and warn_for.
Optionalwebhook_RFC 9421 webhook-signature support for outbound webhook callbacks (top-level peer of request_signing). Declares which AdCP webhook-signing profile version and algorithms this agent produces on delivery, and whether it supports the legacy HMAC-SHA256 fallback for receivers that have not yet adopted RFC 9421. See docs/building/implementation/webhooks.mdx.
Whether this agent signs outbound webhooks with the AdCP RFC 9421 webhook profile. When false or absent, webhooks are delivered with legacy Bearer or HMAC-SHA256 auth only and receivers MUST NOT expect a Signature header.
Optionalprofile?: "adcp/webhook-signing/v1"Identifier of the webhook-signing profile version the agent emits. Value MUST match the tag= parameter emitted in the RFC 9421 Signature-Input header (see docs/building/implementation/webhooks.mdx) so receivers can statically validate the declared profile against the on-wire tag. Closed enum; future profile revisions will extend this enum in a follow-up schema bump.
Optionalalgorithms?: ("ed25519" | "ecdsa-p256-sha256")[]Signature algorithms this agent uses on outbound webhooks. 3.0 profile permits 'ed25519' and 'ecdsa-p256-sha256' only; other values are reserved for future profile versions and MUST NOT be emitted under adcp/webhook-signing/v1.
Optionallegacy_hmac_fallback?: booleanWhether this agent will fall back to HMAC-SHA256 on the legacy push_notification_config.authentication path for receivers that have not adopted RFC 9421. Deprecated; removed in AdCP 4.0.
OptionalidentityOperator identity posture — key-scoping and compromise-response controls the agent operates. Fields are independent, all advisory in 3.x; receivers use them to reason about blast radius and revocation latency at onboarding rather than discovering the posture after an incident. Semantics of an empty object: identity: {} means "posture block present but no posture claimed" — schema-valid but advisory-neutral; receivers MUST treat it as equivalent to omitting the block (no capability claim inferred). Operators SHOULD populate at least one field to make a declaration meaningful.
Optionalper_principal_key_isolation?: booleanWhen true, this multi-principal operator scopes signing keys per-principal so a single principal's key compromise does not silently re-scope across principals served by the same operator. kid values remain opaque to verifiers per RFC 7517; any operator-side naming convention (e.g., {operator}:{principal}:{key_version}) is internal bookkeeping and MUST NOT be parsed by verifiers. See docs/building/understanding/security-model.mdx.
Optionalkey_origins?: {Map of signing-key purpose → publishing origin, so counterparties can verify origin separation (e.g., governance keys served from a separate origin than transport/webhook keys) at onboarding. Absent means the operator has not declared a separation scheme; receivers SHOULD assume shared-origin. See docs/building/implementation/security.mdx §Origin separation.
Optionalgovernance_signing?: stringOrigin (scheme + host) serving the governance-signing JWKS.
Optionalrequest_signing?: stringOrigin (scheme + host) serving the request-signing JWKS.
Optionalwebhook_signing?: stringOrigin (scheme + host) serving the webhook-signing JWKS.
Optionaltmp_signing?: stringOrigin (scheme + host) serving the TMP-signing JWKS, when this operator participates in TMP.
Optionalcompromise_notification?: { emits?: boolean; accepts?: boolean }Whether this agent emits the identity.compromise_notification webhook event on key revocation due to known or suspected compromise (as opposed to scheduled rotation). Subscribers use this to bound the window between compromise detected and verifiers converging on revocation. See docs/building/implementation/webhooks.mdx §identity.compromise_notification.
Optionalemits?: booleanWhether this agent emits identity.compromise_notification events.
Optionalaccepts?: booleanWhether this agent subscribes to identity.compromise_notification events from counterparties it verifies signatures from.
Optionalcompliance_Compliance testing capabilities. The presence of this block declares that the agent supports deterministic testing via comply_test_controller for lifecycle state machine validation. Omit the block entirely if the agent does not support compliance testing.
Compliance testing scenarios this agent supports. Must be non-empty — at least one scenario. Callers can also use comply_test_controller with scenario: 'list_scenarios' to discover supported scenarios at runtime.
OptionalspecialismsOptional — specialized compliance claims this agent supports. Values MUST be kebab-case enum IDs (e.g., 'creative-generative', 'sales-non-guaranteed'). An agent that implements a specialism's tools but omits its ID from this array will receive 'No applicable tracks found' from the compliance runner — tracks for that specialism are not evaluated even if every tool works. Omitting the field means the agent declares no specialism claims (it still passes the universal + domain-baseline storyboards implied by supported_protocols). Each specialism maps to a storyboard bundle at /compliance/{version}/specialisms/{id}/ that the AAO compliance runner executes to verify the claim. Each specialism rolls up to one of the protocols in supported_protocols — the runner rejects a specialism claim whose parent protocol is missing. Only list specialisms your agent actually implements — the AAO Verified badge enumerates which specialisms were demonstrably passed.
Optionalextensions_Extension namespaces this agent supports. Buyers can expect meaningful data in ext.{namespace} fields on responses from this agent. Extension schemas are published in the AdCP extension registry.
Optionalexperimental_Experimental AdCP surfaces this agent implements. A surface is experimental when its schema carries x-status: experimental and the working group has not yet frozen it. Sellers that implement any experimental surface MUST list its feature id here. Buyers inspect this array before relying on experimental surfaces — a seller that does not list a surface is asserting it does not implement it. Experimental surfaces MAY break between any two 3.x releases with at least 6 weeks notice; the full contract is in docs/reference/experimental-status.
Optionallast_ISO 8601 timestamp of when capabilities were last updated. Buyers can use this for cache invalidation.
OptionalerrorsTask-specific errors and warnings
OptionalcontextOptionalext
Response payload for get_adcp_capabilities task. Protocol-level capability discovery across all AdCP protocols. Each protocol has its own capability section.