Version 3.0.6
Status: Patch release — stable-surface no-op for 3.0-conformant agents 3.0.6 makes theGOVERNANCE_DENIED wire-placement rule discoverable from the error code itself, reserves the ctx_metadata keyword as an adapter-internal round-trip key, expands the SKILL.md guidance for issues[] recovery on the calling-agent side, and fixes two storyboard fixture bugs that were rejecting spec-compliant adopters. Wire format unchanged for any 3.0 agent.
Upgrading from 3.0.5? No code changes required for 3.0-conformant agents. SDK consumers bump
ADCP_VERSION to 3.0.6 to pick up the tightened error-code prose, the ctx_metadata reservation, and the corrected storyboard fixtures.Adopter action
GOVERNANCE_DENIED / GOVERNANCE_UNAVAILABLE wire-placement guidance (#3929, closes the doc-comment item on #3918; companion to #3914)
error-code.json defined the two governance codes’ semantics but didn’t say WHERE in the response they appear. Storyboards interpreted differently — issue #3914 surfaced one mismatch where the brand-rights compliance storyboard expected expect_error: code: GOVERNANCE_DENIED even though acquire_rights already has a first-class AcquireRightsRejected discriminated arm. Adopters returning the spec-correct shape were failing the storyboard.
The enumDescriptions for both codes now state placement explicitly:
GOVERNANCE_DENIED— structured business outcome, not a system error. When the task response defines a structured rejection arm, that arm IS the canonical denial shape: populatestatus: "rejected"+reason, do NOT additionally emit the code inerrors[]oradcp_error, and do NOT flip transport-level failure markers. When the task has no rejection arm, populateerrors[].codeANDadcp_error.codeper the two-layer model and DO flip transport markers.GOVERNANCE_UNAVAILABLE— system error, governance call failed at all. Always populate both layers with the code and flip transport markers. Sellers MUST NOT use a structured rejection arm for unavailability even when the task offers one — the buyer’s recovery semantics differ (retry-with-backoff vs. restructure-or-escalate).
AcquireRightsRejected and CreativeRejected already declare not: { required: [errors] } at the schema layer, so emitting errors[] alongside a rejection arm was already a schema violation. The doc-comment makes the rule discoverable from the error code without changing what conformant senders produce.
A parallel storyboard-authoring note in error-handling.mdx directs authors to assert on field_value path: "status" value: "rejected" rather than error_code for tasks that define a rejection arm. The existing error_code guidance is correct for tasks without a rejection arm.
ctx_metadata reserved as adapter-internal round-trip key (#3640)
Reserves the top-level key ctx_metadata on AdCP resource objects (Product, MediaBuy, Package, Creative, AudienceSegment, Signal, RightsGrant) as a publisher-to-SDK round-trip cache for adapter-internal state. SDKs MUST strip the key before wire egress and MUST emit a warning-level log entry when stripping, so operators can detect accidental collisions with existing adapter code. Buyers never see this field.
The convention is non-binding at the wire level — these resources already declare additionalProperties: true so existing payloads remain valid. The reservation locks the keyword name before two SDKs converge on it accidentally and ship divergent semantics. PropertyList and CollectionList are out of scope (additionalProperties: false) until a follow-up PR widens those schemas.
Implementation-dependent issues[] fields documented in SKILL.md (#3927 backport)
skills/call-adcp-agent/SKILL.md already documented the three required issues[] fields (pointer, keyword, variants). 3.0.6 adds the four optional fields a calling agent will encounter when the seller’s validator opts into them — discriminator, schemaId, allowedValues, hint — with a one-line preface clarifying these are implementation-dependent (not every validator emits them) and an updated recovery order: read hint first when present, then discriminator, then walk variants. Two new rows added to the symptom-fix lookup table for the same fields.
No wire-format change. Pure documentation: shipping these fields is already a valid validator extension; this gives callers a curated path through them.
Storyboard-schema documents task_completion.<inner> prefix (#3955, closes #3950)
The context_outputs[].path resolver gained a task_completion. prefix in the storyboard runner (@adcp/sdk 6.7+) for capturing values that materialize only on the terminal task artifact (e.g., seller-assigned media_buy_id on IO-signing flows where create_media_buy returns an A2A submitted-arm envelope). 3.0.6 adds the corresponding documentation to the storyboard authoring schema (static/compliance/source/universal/storyboard-schema.yaml).
comply_test_controller is deployment-scoped, not request-gated (#3992)
Tightens the visibility rule for comply_test_controller: production deployments MUST NOT expose the tool on any surface — neither tools/list, nor the compliance_testing block in get_adcp_capabilities, nor request dispatch. Live-mode probes get unknown-tool (treated as a regular catalog miss), not FORBIDDEN. The previous prose left enough room that some adopters were emitting FORBIDDEN on live-mode dispatch, which is itself an information leak (an attacker probing for the tool can distinguish “not deployed” from “deployed but you can’t use it”).
Storyboard fixture fixes
Two compliance-bundle fixture fixes that were causing spec-compliant adopters to fail published storyboards:inventory_list_targeting— the 5 account blocks across this scenario use the brand+operator natural-key variant ofAccountReferencebut omitted thesandboxflag. Sellers whoseaccounts.resolvehas separate code paths for sandbox vs production refs were routingcreate_media_buyandget_media_buysthrough different account-id namespaces, breakingmediaBuyStorebackfill oftargeting_overlay. Settingsandbox: trueon every account block keeps both create and get on the sandbox path. Mirror of #3989 onmain. Follow-up to align the SDK runner’s enricher asymmetry tracked at adcp-client#1487.sales_guaranteed/create_media_buy— thecontext_outputs[0].pathwas bare"media_buy_id", which the runner resolved against the immediate submitted-arm response — a step that fails withcapture_path_not_resolvableand masks downstream phases. Updated to"task_completion.media_buy_id"so the runner pollstasks/getand captures the seller-issued id from the terminal artifact, per the runner contract introduced in adcp-client#1426. Mirror of #3990 onmain.
Version 3.0.5
Status: Patch release — stable-surface no-op for 3.0-conformant agents 3.0.5 unblocksbrand_json_url adoption on 3.0, ships an optional storyboard-authoring affordance, and corrects a brand-rights storyboard capture path that was rejecting spec-compliant agents. Wire format unchanged for any 3.0 agent that doesn’t claim a new optional surface.
Upgrading from 3.0.4? No code changes required for 3.0-conformant agents. SDK consumers bump
ADCP_VERSION to 3.0.5 to pick up the relaxed identity validator and the brand-rights storyboard fix.Adopter action
identity.additionalProperties: true on get_adcp_capabilities (#3896, closes Scope3 adoption gap)
The identity block on get-adcp-capabilities-response.json was schema-closed (additionalProperties: false), which was the lone outlier among capability blocks — every peer (media_buy, signals, creative, brand, compliance_testing, request_signing, webhook_signing, measurement) already had additionalProperties: true at the outer level. The closed shape silently contradicted the forward-compat promise made by #3690 (brand_url on get_adcp_capabilities for keys-from-agent-URL discovery), which explicitly stated that 3.0-pinned implementers could adopt identity.brand_json_url without waiting for a schema bump.
Without this relaxation, @adcp/sdk’s createAdcpServer (default strict-validation mode) rejected any operator response carrying brand_json_url, forcing adopters to disable validation entirely (a footgun) or wait for 3.1.
3.0.5 mirrors what main already shipped post-#3690: the outer identity object opens; the inner blocks (key_origins, compromise_notification) stay closed where the security weight actually sits. Strictly additive — the closed property list (per_principal_key_isolation, key_origins, compromise_notification) is unchanged; receivers that ignore unknown fields keep working; receivers that look for new identity fields gain forward-compat without waiting for a 3.x bump. Buyers and verifiers SHOULD continue to allowlist known identity fields at read time rather than rely on schema closure for trust decisions.
Storyboard-level default_agent field (#3897, closes #3894)
Optional top-level default_agent: <key> on the storyboard authoring schema (dist/compliance/3.0.5/universal/storyboard-schema.yaml). The multi-agent storyboard runner (adcp-client#1066, #1355) already accepts default_agent via run-options; this change lets storyboard authors encode the topology intent in YAML once instead of re-asserting --default-agent sales on every CI invocation. Cross-domain tools (sync_creatives, list_creative_formats) become deterministic without per-step agent: overrides.
Resolution order (runner contract):
- Step-level
agent:override. - Specialism-claimant match against the runtime agents map. Multi-claim grades
unrouted_step(operator-config error); slots 3/4 do not rescue. Zero claimants falls through to slot 3. - Storyboard-level
default_agent(this field). Set-but-unmatched gradesdefault_agent_unresolved— the runner does NOT silently fall through to slot 4, because that would invisibly override the storyboard author’s encoded intent. - Run-options
default_agent. Same set-but-unmatched rule. - Fail-fast —
unrouted_step.
provides_state_for precedent (#3775) for additive storyboard-schema affordances on 3.0.x.
The key shape is a free-form non-empty string keyed by the runtime agents map — the spec does not constrain to the specialism enum because production multi-agent topologies legitimately fan out per-property (nyt_sales, wsj_sales), per-region (sales_eu, sales_us), or per-brand-rights-holder. Cross-operator portability is the storyboard author’s concern, not the spec’s.
Brand-rights storyboard acquire_rights capture fix (#3893, closes #3892)
The brand_rights/rights_acquisition storyboard’s acquire_rights step captured a context_outputs field at path rights_grant_id, but brand/acquire-rights-response.json defines that field as rights_id (the AcquireRightsAcquired arm). Spec-compliant agents passed response_schema validation but failed the capture-and-pass-to-next-step machinery, which then cascade-skipped rights_enforcement with prerequisite_failed.
3.0.5 corrects the storyboard to read rights_id (preserving the storyboard-internal rights_grant_id key name so no other steps need updates) and aligns the expected: prose to match the published schema (status: acquired, not the legacy status: active).
Adopters running brand-rights conformance against a spec-compliant agent: bumping your SDK past 3.0.4 should flip the brand_rights storyboard from 3/5 scenarios passing to 5/5 with no agent-side changes.
Release mechanics (#3820)
forward-merge-3.0.yml: explicitly push the forward-merge/3.0.x branch to origin before peter-evans/create-pull-request@v8 runs. Discovered when 3.0.4’s forward-merge ran for real: auto-resolution succeeded, then peter-evans crashed with fatal: ambiguous argument 'origin/forward-merge/3.0.x': unknown revision. Last gap in the auto-resolution chain — every subsequent Version Packages cut now auto-creates the forward-merge PR without human intervention.
Detailed changelog
For the full per-PR change list, see CHANGELOG.md § 3.0.5.Version 3.0.4
Status: Patch release — stable-surface no-op for 3.0-conformant agents 3.0.4 is the third 3.0.x patch. Three additive cherry-picks from main, all hand-adapted for the maintenance line: themanifest.json + structured enumMetadata artifact (so SDKs stop hand-transcribing the spec), a normative issues[] array on core/error.json, and prose-only tightening of AUTH_REQUIRED to call out the retry-storm risk. Wire format unchanged.
Upgrading from 3.0.3? No code changes required for 3.0-conformant agents. SDK consumers bump
ADCP_VERSION to 3.0.4 to pick up manifest.json and the new enumMetadata block.Adopter action
manifest.json + structured enumMetadata (#3725, #3738)
Two additive artifacts published with every released schema bundle:
-
enums/error-code.jsongains anenumMetadatablock. Every error code now carries structuredrecovery(correctable|transient|terminal) andsuggestionfields. SDKs MUST consume this block instead of parsingRecovery: Xprose out ofenumDescriptions— a build-time lint enforces structured/prose parity. Closes the root cause of adcp-client#1135 (17 missing codes, 3 wrong recovery classifications shipped in TS SDK for over a year). -
/schemas/3.0.4/manifest.json. Single canonical artifact listing every tool (withprotocol,mutating,request_schema,response_schema,async_response_schemas,specialisms), every error code (withrecovery,description,suggestion), anerror_code_policyblock (definingdefault_unknown_recoveryso SDKs handle non-spec codes correctly), and every storyboard specialism (withprotocol,entry_point_tools,exercised_tools). Validates againstmanifest.schema.json. Lets SDKs derive their internal tool/error tables from one place at codegen time.
core/error.json — issues[] field (#3059, #3562)
Optional top-level issues array on the standard error envelope, normalizing what @adcp/sdk and prospectively adcp-go / adcp-client-python already need for multi-field validation rejections.
{ pointer (RFC 6901), message, keyword, schemaPath? }. schemaPath MAY be omitted in production to avoid fingerprinting oneOf branch selection on adversarial payloads.
Backward compatibility with field (singular): when both are present, sellers SHOULD set field to issues[0].pointer. Pre-3.1 consumers reading only field get the first failure; 3.1+ consumers prefer the top-level issues. Sellers MAY mirror issues[] into details.issues for backward compat with consumers reading from details.
AUTH_REQUIRED retry-storm prose (#3730 partial, #3739 backport)
AUTH_REQUIRED conflates two operationally distinct cases — credentials missing (genuinely correctable) and credentials presented but rejected (terminal — needs human rotation). A buyer agent treating both as correctable will retry-loop on revoked tokens, hammering seller SSO endpoints in a pattern indistinguishable from a brute-force probe.
The 3.1 line splits this into AUTH_MISSING and AUTH_INVALID (#3739). 3.0.x cannot adopt the split — adding new enum values violates the maintenance line’s semver rules. 3.0.4 ships the prose-only backport: the wire code stays AUTH_REQUIRED with recovery: correctable, but the description and enumMetadata.suggestion now spell out the two sub-cases and the SHOULD-NOT-auto-retry rule for the rejected-credential case. SDKs running against 3.0.x sellers can apply the operational distinction at the application layer.
docs/building/implementation/error-handling.mdx gets a sub-case callout and an updated example showing how to branch on whether credentials were attached. Closes the 3.0.x portion of #3730; the full split lands in 3.1.0.
Detailed changelog
For the full per-PR change list, see CHANGELOG.md § 3.0.4.Version 3.0.3
Status: Patch release — additive storyboard schema field, stable-surface no-op for 3.0-conformant agents 3.0.3 ships theprovides_state_for storyboard field so the conformance suite can rescue cascade-skipping when two interchangeable stateful steps live in the same phase. Plus a docs-only fix for the url_type enum in channel docs that was emitting a value the published schema already excluded.
Upgrading from 3.0.2? No code changes required for 3.0-conformant agents. Storyboard runners on
@adcp/sdk 6.5.0+ pick up the new field automatically once the cache refreshes against 3.0.3.Adopter action
provides_state_for storyboard field (#3734)
Optional provides_state_for: <step_id> | <step_id>[] on a stateful storyboard step declares that this step’s pass establishes equivalent state for the named peer step(s) in the same phase. Pairs with the cascade-skip mechanism in @adcp/sdk 6.5.0+: when a peer step would otherwise grade missing_tool or missing_test_controller, the substitute waives the cascade and the runner grades the peer with the new peer_substituted skip reason.
Concrete impact: explicit-mode social platforms (Snap, Meta, TikTok) intentionally pre-provision advertiser accounts out-of-band — sync_accounts is missing_tool by design, with list_accounts as the canonical alternative. 3.0.3’s sales-social/index.yaml declares provides_state_for: sync_accounts on the list_accounts step, letting these adapters graduate from 1/9/0 (8 downstream stateful steps cascade-skipped) to 9/10 against the sales_social storyboard once the SDK cache refreshes.
The field is part of the conformance harness, so it ships under the harness-additive patch-eligibility rule. Existing storyboards that don’t use it keep their current cascade behavior — pure additive.
Build-time validation (scripts/lint-storyboard-provides-state-for.cjs): rule shape, self-reference, unknown target, cross-phase reference (rejected — must be same-phase), target-not-stateful, substitute-not-stateful, and direct-cycle violations all fail loud.
runner-output-contract.yaml — peer_substituted skip reason
Companion to provides_state_for: when the runner waives a cascade because a same-phase peer substituted for the state contract, it grades the original peer with skip_result.reason = peer_substituted and detail "<this_step_id> state provided by <peer_phase_id>.<peer_step_id>". Distinct from peer_branch_taken (branch-set routing for mutually exclusive behaviors) and not_applicable (coverage gap — agent didn’t declare the protocol).
url_type: tracker → tracker_pixel (#2986 step 1)
Display, audio, carousels, and DOOH channel docs were emitting "url_type": "tracker" in examples — a value the published url-asset-type.json enum (clickthrough / tracker_pixel / tracker_script) already excluded. Fixed to tracker_pixel. Wire format unchanged; only prose docs were drifting.
Detailed changelog
For the full per-PR change list, see CHANGELOG.md § 3.0.3.Version 3.0.2
Status: Patch release — additive storyboard check kind + canonical asset-union schema 3.0.2 ships a new storyboard check kind that closes a static-analysis gap in@adcp/sdk’s drift verifier, plus extracts a shared asset-variant oneOf union into its own schema file so codegen tools (notably json-schema-to-typescript) stop emitting numbered duplicate types.
Upgrading from 3.0.1? No code changes required for 3.0-conformant agents. The check kind is consumed by the conformance runner, not by sellers; the asset-union refactor is a wire-format no-op.
Adopter action
envelope_field_present check kind
Storyboard validations[].check gains envelope_field_present as a peer of field_present. Same shape — path is RFC 6901-style — but resolves the path against protocol-envelope.json rather than the step’s response_schema_ref. Used in static/compliance/source/universal/v3-envelope-integrity.yaml to assert that responses include status, where the previous field_present check left a VERIFIER_UNREACHABLE hole because status lives on the envelope, not the per-task response schema.
Canonical core/assets/asset-union.json
The asset-variant oneOf union (the discriminated set of image | video | text | url | vast | daast | ... shapes) was inlined identically in creative-asset.json and creative-manifest.json. json-schema-to-typescript walking those parent schemas independently emitted VASTAsset1, DAASTAsset1, BriefAsset1, CatalogAsset1 numbered-duplicate types — invisible at the wire level, irritating in generated code.
3.0.2 promotes the union to core/assets/asset-union.json and references it via $ref from both parents. Codegen now emits a single Asset (or whatever your tool chooses) without the numbered duplicates. Wire format and validation semantics unchanged — pure refactor of the schema reference graph.
Detailed changelog
For the full per-PR change list, see CHANGELOG.md § 3.0.2.Version 3.0.1
Status: Patch release — stable-surface no-op for 3.0-conformant agents 3.0.1 is a maintenance release. It ships the protocol skills bundle through the canonical tarball, formalises a handful of normative clauses left underspecified in 3.0.0, and adds small additive fields on experimental surfaces (governance, TMP) and the conformance harness. The stable wire surface is unchanged.Upgrading from 3.0.0? No code changes required for 3.0-conformant agents. SDK consumers bump
ADCP_VERSION from 3.0.0 to 3.0.1 to receive the canonical skills via their existing sync flow.Adopter action
Why 3.0.1 exists
Theskills/ directory was hoisted into the protocol root after the 3.0.0 tarball was already cosign-signed. Re-cutting at the same version would have invalidated the supply-chain attestations bound to the original 3.0.0 SHA-256. 3.0.1 ships the bundle through the normal release path. (#3116, #3117)
Spec polish — no wire change
Normative clarifications and docs corrections. None of these add new fields to stable schemas; they document behaviour the spec already implied.acquire_rightsrequest validation — Brand agents MUST reject expired campaign windows (campaign.end_datein the past) withINVALID_REQUEST. CPM-priced rights under a governed plan must includecampaign.estimated_impressions. Closes implementer disagreement on identical requests. (#2680, #2681)get_signalspagination precedence — When both top-levelmax_resultsandpagination.max_resultsare present, agents MUST honorpagination.max_results. Top-levelmax_resultsdeprecated; removed in 4.0.- URL canonicalization — Now applies uniformly to brand.json agent URLs (
brand_agent_entry.url,brand_agent.url,rights_agent.url). Two URLs differing only in case, default port, or percent-encoded unreserved characters compare equal during agent resolution. New reference page at URL canonicalization. - v3 envelope integrity — Schema-level constraint on
protocol-envelope.jsonformally prohibits legacy v2task_status/response_statusfield names. The prose MUST NOT was already in 3.0.0; the constraint is now machine-detectable by validators. Companion universal storyboardv3-envelope-integrityexercises the assertion. Conformant 3.0 implementations are unaffected. (#3041) - Format asset codegen — Title annotations on
format.jsononeOfbranches enable codegen tools (json-schema-to-typescript, datamodel-code-generator, oapi-codegen) to emit named per-asset-type interfaces instead of untyped unions. Annotation-only. - Inline-enum hoisting — Source schemas now
$refshared enum files forpayment-terms,audio-channel-layout,media-buy-valid-action,match-type,governance-decision,billing-party, and 11 others. Bundled wire format unchanged in all cases.
Experimental surfaces — additive only
Per the experimental-surface contract, these surfaces accept additive changes within a patch release. Changes here do not affect agents that don’t implement these protocols.- Governance —
modefield added tocheck-governance-response.jsonandget_plan_audit_logsaudit entries. Records the enforcement posture (enforce/advisory/audit) active at check time. Closes a gap where audit and enforce modes produced identical-looking trails. - Trusted Match Protocol (TMP) —
seller_agent: { agent_url, id? }added toAvailablePackage, making seller identity explicit on every package cached by a TMP provider. Newseller_not_authorizederror code for sync-time rejection when the seller’sagent_urlis not present in the property publisher’sadagents.json. All TMP schemas now carryx-status: experimental.
Conformance harness — sandbox-only
comply_test_controller is conformance-harness scaffolding, not a normative protocol task. Changes here only affect sandbox testing.
force_task_completion— Resolves a previously-submitted async task tocompletedwith a buyer-supplied result payload. Closes the loop on the asynccreate_media_buysubmitted → completed roundtrip. Result is delivered via the seller’s webhook (canonical 3.0 path); a typed result projection on the polling response is tracked for 3.1 in #3123.seed_creative_format— Pre-populates a deterministic set of creative formats for pagination-integrity storyboards. Companion:list_creative_formatsnow applies cursor-based pagination matching thelist_creativespattern.
Release mechanics
- Cosign signing on private packages so future Version Packages merges auto-tag and
changesets/actionauto-creates the GitHub Release with artifacts. dist/protocol/retained in the Fly.io image so cosign-signed versioned tarballs ship and/protocol/{version}.tgzactually serves end-to-end.- Skills bundled at
/protocol/3.0.1.tgz:call-adcp-agentplus the per-protocoladcp-{brand,creative,governance,media-buy,si,signals}.
Detailed changelog
For the full per-PR change list, see CHANGELOG.md § 3.0.1.Version 3.0.0
Status: General Availability | AdCP 3.0 overview AdCP 3.0 makes agent-to-agent ad buying retry-safe and auditable, with optional end-to-end request signing for AdCP Verified agents. Four trust primitives carry mutating traffic — three are baseline-required in 3.0 (request-side idempotency, the RFC 9421 profile on webhooks, signed JWS governance) and RFC 9421 request signing is optional unless an agent claims AdCP Verified. The compliance runner proves an agent does each of them right. Storyboards move into the protocol at/compliance/{version}/ as the bar; AdCP Verified is a self-attested stamp that an agent published passing runner output. 3.0 also brings broadcast TV as a first-class channel, generalizes governance to any purchase type, and simplifies the capabilities model so object presence replaces dozens of boolean flags.
Upgrading from rc.3? See rc.3 → 3.0 prerelease upgrade notes for the breaking changes table, before/after examples, and migration steps.
What’s New
-
Trust surface: four cryptographic primitives for agent-to-agent ad buying — Grouped by symmetry on the wire, so what’s true of a request is true of a webhook:
Requests — buyer → seller:
idempotency_keyrequired on every mutating request — fresh key per logical operation, matching^[A-Za-z0-9_.:-]{16,255}$(UUID v4 for Verified). Sellers declare dedup semantics viaadcp.idempotency = { supported: true, replay_ttl_seconds: ... }(1h–7d, 24h recommended) or{ supported: false }. Whensupported: true:replayed: trueon exact replay,IDEMPOTENCY_CONFLICTon payload mismatch,IDEMPOTENCY_EXPIREDpast TTL. Whensupported: false: retries double-process — buyers MUST use natural-key checks instead. Extended toactivate_signal. Conformance runners probesupported: trueclaims with a deliberate payload-mutation replay. (#2315, #2407, #2436, #2447)- RFC 9421 HTTP Message Signatures — optional in 3.0, required for AdCP Verified. Ed25519 over a canonicalized covered-component list (including
content-digest). sf-binary and URL canonicalization pinned so independent implementations produce bit-identical canonical inputs. Verifier follows a 15-step checklist (keyidcap-before-crypto, SSRF-validated JWKS fetch,jtireplay dedup, audience binding) — see the Security guide. Published test vectors understatic/compliance/source/test-vectors/request-signing/. (#2323, #2341, #2342, #2343)
- Webhook signing unified on the RFC 9421 profile — baseline-required for sellers emitting webhooks — Sellers sign outbound webhooks with a key published in their JWKS at
jwks_uri(discoverable viabrand.jsonagents[]). The JWK carriesadcp_use: "webhook-signing"to distinguish it from the request-signing key;kidvalues MUST be unique across purposes within a JWKS. No shared secret crosses the wire. Verification failures return typedwebhook_signature_*reason codes defined in the Security guide. HMAC-SHA256 remains a legacy fallback through 3.x (opt-in viapush_notification_config.authentication.credentials); removed in 4.0. (#2423) - Webhook payloads carry a required
idempotency_key— Every webhook is dedupable by a sender-generated UUID v4, using the same^[A-Za-z0-9_.:-]{16,255}$format as request-side keys. Replaces fragile(task_id, status, timestamp)dedup across five webhook payload schemas.revocation-notification.notification_idrenamed toidempotency_keyfor protocol-wide consistency. (#2416, #2417)
- Signed JWS
governance_context— governance decisions are cryptographically verifiable offline. The governance agent issues a JWS signed with its key fromsync_governance; sellers verify and bind decisions tosub(buyer),aud(seller),phase, andexpwithout round-tripping. Stale or forged decisions are rejected at the transport layer. Sellers with a configured governance agent MUST callcheck_governancebefore committing budget (rejection withPERMISSION_DENIEDon missing or invalid context). (#2316, #2403, #2419)
adcp_useJWK taxonomy, and per-primitive verification paths. -
Specialisms, compliance storyboards, and AdCP Verified — Trust primitives define the bar; storyboards test that an agent actually meets it; AdCP Verified certifies the result. Storyboards move into the protocol at
/compliance/{version}/(universal + protocols + specialisms + test-kits). Every agent runs/compliance/{version}/universal/security.yamlregardless of claims — unauth rejection, API key enforcement, OAuth discovery per RFC 9728, audience binding, and (when signing is claimed) thesigned_requestsandsigned_webhooksrunner harnesses. Runner output is a structured, verifiablerunner-output.jsonwith a hash chain over the test-kit corpus. Cross-instance state persistence is required. Newspecialismsfield onget_adcp_capabilitieslets agents claim narrow capability specialisms across 6 protocols (media-buy, creative, signals, governance, brand, sponsored_intelligence).sponsored_intelligenceis promoted from specialism to full protocol.broadcast-platform→sales-broadcast-tv,social-platform→sales-social.property-governance+collection-governancesplit into siblingproperty-listsandcollection-listsspecialisms. Compliance taxonomy renamesdomains→protocols;audience-syncreclassified fromgovernancetomedia-buy. Per-version protocol tarball at/protocol/{version}.tgz. The formal AdCP Verified program launches with 3.1 once reference implementations (training agent, SDKs) and ambiguous-storyboard work reach full compliance on a 4–6 week cadence; 3.0 Verified is self-attested via published runner output. See the Compliance Catalog and What’s new in v3 for the rationale and timeline. (#2176, #2300, #2304, #2332, #2336, #2350, #2352, #2363, #2381) -
Broadcast TV Support — Linear TV sellers can now fully participate in AdCP. Ad-ID identifiers on creative assets and manifests. Broadcast spot formats for :15, :30, and :60 spots.
agency_estimate_numberon media buys and packages. Measurement windows (Live, C3, C7) on reporting capabilities. Delivery data completeness flags (is_final,measurement_window) for provisional vs. closed numbers. Broadcast forecast schema addsmeasurement_sourceandguaranteed_impressions.station_idandfacility_ididentifier types. (#2046, #1853, #1912) -
Governance Generalization and Regulatory Invariants — Governance extends beyond media buys to cover brand rights licensing, signal activation, and creative services.
governance_contextreplacesmedia_buy_idas the identifier tying governance actions across a campaign’s lifecycle. Newpurchase_typefield distinguishes the governed activity. GDPR Art 22 / EU AI Act Annex III are enforced as schema invariants:budget.authority_levelsplits intobudget.reallocation_threshold(autonomy) andplan.human_review_required(Art 22 review); cross-fieldif/thenrejectshuman_review_required: falsefor regulated verticals (fair housing, fair lending, fair employment, pharmaceutical). Append-onlyrevisionHistory; downgrades require ahuman_overrideartifact.eu_ai_act_annex_iiiseeded in the registry.data_subject_contestationonbrand.jsonsatisfies Art 22(3) discovery. (#2014, #2310, #2338) -
Capabilities Model Simplification — Redundant boolean gates are removed throughout
get_adcp_capabilities. If acontent_standardsobject exists in the response, the agent supports content standards — no separate boolean needed.reporting_capabilitiesis now required on every product. Geo capability fields keep their typed shapes (geo_countries,geo_regions,geo_metros,geo_postal_areas). (#2143, #2157) -
Collection Lists — Program-level brand safety for shows, series, and podcasts. Collection lists parallel property lists but target content programs using distribution identifiers (IMDb, Gracenote, EIDR) for cross-publisher matching. New
collection_listandcollection_list_excludefields on the targeting overlay. Genre taxonomy enum normalizes classification. 16 new collection schemas. (#2005) -
Structured Measurement Terms — Guaranteed buys gain a formal negotiation surface.
measurement_termscovers billing vendor, IVT threshold, and viewability floor. Sellers declare defaults; buyers propose overrides atcreate_media_buy; sellers accept, reject, or adjust.cancellation_policyschema declares notice periods and penalties.TERMS_REJECTEDerror code. (#1962) -
Unified Vendor Pricing — Pricing extends from signals to creative, governance, and property list agents. All vendor pricing now uses a shared schema covering CPM, percent-of-media, and flat-fee models.
pricing_options[]onlist_creatives,build_creative,get_creative_features, and property lists. (#1937) -
Per-Request Version Declaration —
adcp_major_versionon all 56+ request schemas lets buyers declare which major version their payloads conform to. Sellers returnVERSION_UNSUPPORTEDon mismatch. When omitted, sellers default to their highest supported version. (#1959) -
Offline Reporting Delivery — Sellers can push reports to buyer-provided cloud storage.
reporting_delivery_methodson capabilities declares supported protocols (SFTP, S3, GCS, Azure Blob).reporting_bucketon accounts specifies the destination. Products declaresupports_offline_deliveryinreporting_capabilities. File formats: CSV, JSON, Parquet, Avro, and ORC. (#2198, #2205) -
Error Codes and Schema Consistency — New
GOVERNANCE_DENIEDcorrectable error code.contextandextfields added to all request and response schemas across governance, collection, property, SI, and content-standards protocols.signal_idis now required onget_signalsresponse items.comply_test_controllerschema flattened from a oneOf union to a flat object with ascenariodiscriminant. Envelope-levelreplayedflag (from idempotency) is now accepted on 15 mutating-tool response schemas that previously rejected it — property-list, collection-list, and governance tools that return replay responses no longer fail schema validation (#2839). Formalaudience-statusenum extracted with explicit lifecycle transitions, paralleling the other lifecycle-bearing resource types (#2836). (#2194) -
Media Buy Lifecycle —
pending_activationsplits intopending_creatives(approved, no creatives assigned) andpending_start(ready to serve, waiting for flight date).MediaBuy.pending_approvalremoved; IO approvals are now explicit task-layer objects with their own lifecycle and audit trail — decoupled from media-buy status. Newsubmittedbranch oncreate_media_buyindicates the seller accepted the payload for processing but has not yet confirmed the order. Top-levelcompliance_testing: { scenarios: [...] }capability block declarescomply_test_controllersupport. (#2034, #2270, #2351, #2425) -
TMP: Provider Registration, TMPX Exposure Tracking, and Multi-Identity Match — New
provider-registration.jsonschema formalizes provider endpoints, capabilities, lifecycle status (active/inactive/draining), and timeout budgets.GET /healthendpoint enables router-side monitoring. TMPX adds exposure tracking with country-partitioned identity and macro connectivity. Identity Match requests now accept anidentitiesarray (1-3 tokens per request) so publishers can maximize match rate across heterogeneous buyer identity graphs. Router filters per provider and re-signs; RFC 8785 JCS canonicalization eliminates delimiter-injection risk. TMP remains pre-release in 3.0; stable surface targeted for 3.1.0. (#2210, #2079, #2251) -
Operating an Agent, Release Cadence, CHARTER — New “Operating an Agent” guide for publishers without engineering teams (partner / self-host / build). Named release cadence policy: patch monthly, minor quarterly, major annual if needed. v2 EOL August 1, 2026. Formal
CHARTER.mdlinked from README, IPR, and intro. AI disclosure page. Known-limitations and privacy-considerations reference pages.status: experimentalmarker for in-production but not-yet-stable protocol fields;custompricing-model escape hatch on signals. (#2202, #2309, #2311, #2312, #2321, #2329, #2362, #2382, #2422, #2427) -
Trust-surface late hardening — Two normative tightenings from the external 3.0 security review land as MUST in GA:
- Idempotency cache insert-rate limiting. Sellers MUST apply per-
(authenticated_agent, account)rate limits on idempotency-cache inserts (separate from request rate limits) and returnRATE_LIMITEDwithretry_afterwhen exceeded. First-deployment ceiling: 60 inserts/sec sustained per agent (3,600/min), burst to 300/sec over rolling 10s windows — sized against realistic high-volume launch patterns (10 media buys/min × 10 packages × 10 creatives, 3–5× headroom) and consistent with the existing 100k-per-keyid webhook replay cap and 1M-per-keyid request replay cap. Tunable per deployment. Closes a nonce-flood DoS amplification vector. See security.mdx idempotency § bullet 8. - Webhook-registration signing MUST for signing-capable sellers. Sellers that support request signing MUST reject webhook-registration requests carrying
push_notification_config.authenticationover bearer-only (unsigned) transport, withrequest_signature_required. Structural defense against on-path mutators injecting or stripping theauthenticationblock during onboarding — a 9421-signed registration cryptographically commits to the body. Sellers with no signing support keep the log-and-alarm posture. Scoped breakage: buyers that previously registered webhooks withauthenticationagainst a signing-capable seller over bearer transport must switch to 9421-signed registration. Negative test vector027-webhook-registration-authentication-unsigned.jsonlands with the tightening.
- Idempotency cache insert-rate limiting. Sellers MUST apply per-
-
Error-code vocabulary cleanup (#2704) — The uniform-response MUST (#2691) forbids sellers from minting custom
*_NOT_FOUNDcodes for typed parameters; the spec itself was out of compliance in 12 places. Cleanup aligns the spec with the rule:PLAN_NOT_FOUNDis promoted to standard vocabulary (used acrossreport_plan_outcome,get_plan_audit_logs,check_governance; recovery viasync_plans). Eleven other custom codes (CHECK_NOT_FOUND,CAMPAIGN_NOT_FOUND,BRAND_NOT_FOUND,STANDARDS_NOT_FOUND,FORMAT_NOT_FOUND,AGENT_NOT_FOUND,SIGNAL_AGENT_SEGMENT_NOT_FOUND,SEGMENT_NOT_FOUND,AUDIENCE_NOT_FOUND,CATALOG_NOT_FOUND,EVENT_SOURCE_NOT_FOUND) collapse toREFERENCE_NOT_FOUNDwitherror.fieldnaming the failed parameter. Signals auth-uniformity tightened: private signal agents now returnREFERENCE_NOT_FOUNDuniformly for unauthorized accounts (preventing cross-tenant enumeration). None of the 12 codes appeared in JSON schemas — prose-level cleanup only; no schema-enum migration. Sellers returning any of the 11 collapsed codes today MUST switch toREFERENCE_NOT_FOUND. -
Schema presence tightenings on governance decisions and catalog sync (#2612) — Conformant agents unchanged; non-conformant ones now fail at
response_schemavalidation instead of a less-obvious downstreamfield_presentcheck.check-governance-response.jsonenforces the spec-described presence rules viaif/then:status: conditionsrequiresconditionswithminItems: 1(a conditions decision with zero conditions is non-actionable),status: deniedrequiresfindingswithminItems: 1(a denial with no finding gives the buyer nothing to act on), andstatus: approved | conditionsrequiresexpires_at.sync-catalogs-response.jsonrequiresitem_countonaction: created | updated | unchanged(still omitted onfailed | deleted). -
Typed discriminators and id-naming consistency — Three structural tightenings that make the 3.0 wire shape unambiguous for validators and for readers of payloads:
asset_typediscriminator on creative assets (#2776) — All 14 asset schemas declareasset_typeas a requiredconst, and composite schemas (core/creative-manifest.json,core/creative-asset.json,core/offering-asset-group.json,creative/list-creatives-response.json) switch from a 14-branchanyOftooneOf+discriminator: { propertyName: "asset_type" }. ajv 8 consumers withdiscriminator: truereport errors against only the selected branch — a single fixture’s lint footprint collapsed from 60+ fingerprints to 2. Payloads that omitasset_typenow fail validation; somebriefpayloads that were passing under the prioranyOfonly because ajv matched thetext-assetbranch (e.g. a bare{ "content": "..." }) must conform tocore/creative-brief.json— at minimum{ "asset_type": "brief", "name": "<brief name>" }.refine[]entity id naming onget_products(#2775) — Genericidreplaced withproduct_idunderscope: "product"andproposal_idunderscope: "proposal", matching the<entity>_idconvention used elsewhere in the protocol.actionis now optional and defaults to"include"; callers only set it explicitly for"omit"/"more_like_this"/"finalize".- SI
context→intentrename (#2774, experimental carve-out) — Onsi_get_offeringandsi_initiate_session, the natural-language user-intent field is renamed fromcontexttointent, freeingcontextto carry the universal opaque-echo object (/schemas/core/context.json) — matching every other AdCP subprotocol.si_terminate_sessionwas already conformant. Treated as a minor change under thex-status: experimental+ 6-week notice policy for SI. - Governance plan scoping contract (#2777) —
governance/report-plan-outcome-request.json,governance/check-governance-request.json, andgovernance/get-plan-audit-logs-request.jsonnow state onplan_id/plan_idsthat the plan uniquely scopes account and operator; an explicitaccountfield is rejected byadditionalProperties: false. The rejection is not new, but it is now a readable contract instead of a silent schema error.
-
url-asset accepts buyer macro templates (#2801) —
core/assets/url-asset.jsonrelaxesurl.formatfromuritouri-template(RFC 6570 Level 1). This matches the prose spec indocs/creative/universal-macros.mdx, which requires buyers to submit tracker URLs with raw AdCP macros like{SKU}/{DEVICE_ID}/{MEDIA_BUY_ID}at sync time — the ad server URL-encodes substituted values at impression time.uri-templateaccepts both plain URIs and Level 1 templates. A new Template Syntax section inuniversal-macros.mdxscopes AdCP to Level 1 — Level 2–4 operators ({+var},{#var},{.var},{/var},{;var},{?var},{&var}) are not used.
border_radius, elevation, spacing, extended color roles, structured font definitions, generic agents array, data_subject_contestation for Art 22) and minor additions landed throughout the release. A trio of non-normative x- annotations also shipped to support the storyboard conformance harness — x-entity identifies which AdCP entity a field references (media_buy, brand, account, plan, policy, property_list, etc.; #2660), x-mutates-state marks request schemas that change observable state independently of whether they require an idempotency_key (#2675), and governance_policy splits into registry vs. inline variants (#2685). Agents don’t validate x- fields; they’re tooling hints for lints and entity-binding checks. See the CHANGELOG for the full list of minor additions.
Breaking Changes
Migration Notes For rc.3 Adopters
- Webhooks — Migrate from HMAC-SHA256 to RFC 9421 signing. Publish a webhook-signing JWK in your JWKS at
jwks_uri(JWKS is referenced frombrand.jsonagents[]) withadcp_use: "webhook-signing"on the JWK and akidunique across purposes. Droppush_notification_config.authenticationfrom new configs; buyers opt into legacy HMAC viaauthentication.credentials. Receivers verify against the sender’s JWKS. Every outbound webhook payload must carry anidempotency_keymatching^[A-Za-z0-9_.:-]{16,255}$(UUID v4 for Verified). Listeners must dedupe keyed by sender identity (signingkeyidunder 9421, or HMAC/Bearer credential under legacy) with a 24h minimum TTL. HMAC fallback remains available through 3.x; the fullauthenticationobject is removed in 4.0. - Idempotency — Generate a fresh key on every mutating request, matching
^[A-Za-z0-9_.:-]{16,255}$(UUID v4 for Verified). Same key + identical payload on retry →replayed: true. Same key + different payload →IDEMPOTENCY_CONFLICT. Key older than the seller-declaredreplay_ttl_seconds→IDEMPOTENCY_EXPIRED(1h–7d, 24h recommended — no protocol default). Your agent must persist keys across instances. - Request signing (optional in 3.0, required for Verified) — If you plan to claim AdCP Verified, implement RFC 9421 Ed25519 signing per the signing profile and declare your signing key via the account surface. Test against
static/compliance/source/test-vectors/request-signing/and the runner’ssigned_requestsharness. - Governance context — Switch from opaque-string
governance_contextto the signed JWS format. Verify using the governance agent’s JWKS (resolved viasync_governance). Bind signature tosub(buyer),aud(seller),phase, andexpbefore trusting. - IO approval — Remove
MediaBuy.pending_approvalfrom state filters. Consume approval tasks from the task surface instead. - Budget autonomy — Rewrite any
budget.authority_levelreferences:agent_full→reallocation_unlimited: true;agent_limited→reallocation_threshold: <positive>;human_required→plan.human_review_required: true. - Regulated verticals — For credit, insurance, recruitment, or housing campaigns, declare
policy_categoriesand either sethuman_review_required: trueor let your governance agent do so automatically. Populatebrand.data_subject_contestationfor Art 22(3) discovery. - Specialism claims — Rename
inventory-lists→property-lists; addcollection-listsif applicable. Reclassifyaudience-syncundermedia-buy(addmedia_buytosupported_protocolsif you only declaredgovernance). - Compliance paths — Update any references to
/compliance/{v}/domains/→/compliance/{v}/protocols/. - Capabilities — Remove all boolean capability checks (
features.content_standards,brand.identity,trusted_match.supported, etc.). Test for object presence instead. See the prerelease upgrade notes for the full field list. - Products — Ensure all products include
reporting_capabilities. This field is now required. - Media buy status — Replace
pending_activationwithpending_creativesandpending_start. See lifecycle states. - update_media_buy — Pass
accounton all calls, matchingcreate_media_buybehavior. - preview_creative — Update request builders from the oneOf union to the flat schema with
request_typediscriminant. - Signals — Include
signal_idon all signal items inget_signalsresponses. - Governance — Replace
media_buy_idreferences withgovernance_context. HandleGOVERNANCE_DENIEDas a correctable error code. - Version negotiation — Include
adcp_major_versionon requests when interacting with multi-version sellers. - Creative asset payloads — Add
"asset_type": "<type>"to every asset value increative_manifest.assets,creative.assets,offering_asset_group.items, andlist_creativesresponses. Forbriefassets, move free-text prompts out of a bare{ "content": "..." }shape intocore/creative-brief.jsonfields (at minimum{ "asset_type": "brief", "name": "<brief name>" }). Forvast/daastassets,asset_typeat the root plus the existing nesteddelivery_typediscriminator. - Product refinement — Rename
refine[].idtorefine[].product_id(scope: product) orrefine[].proposal_id(scope: proposal). Dropactionwhen you meaninclude; keep it only for non-default values (omit,more_like_this,finalize). - Sponsored Intelligence — Rename the user-intent field from
contexttointentonsi_get_offeringandsi_initiate_session. If you echo a universalcontextobject, place it undercontext(now typed per/schemas/core/context.json). - url-asset tracker URLs — No action needed to accept macros — the validator now permits RFC 6570 Level 1 templates. Do not pre-encode AdCP macros at sync time; the ad server URL-encodes substituted values at impression time.
Next steps
- Upgrading from v2? Start with the migration guide.
- Upgrading from a prerelease? Go to the prerelease upgrade notes.
- New to AdCP? Read the 3.0 overview and then get started.
Version 3.0.0-rc.3
Status: Release Candidate (superseded by 3.0.0) | AdCP 3.0 overview | SDK supportWhat’s New
- Trusted Match Protocol (TMP) — Real-time execution layer for AdCP. 9 schemas, 12 documentation pages, provider discovery on products, typed artifacts for content resolution, and lightweight context matching. Deprecates AXE.
-
Order Lifecycle Management —
confirmed_aton order creation, cancellation at media buy and package level withcanceled_byattribution, per-packagecreative_deadline,valid_actionsfor state-aware agents,revisionfor optimistic concurrency, andinclude_historyfor revision audit trails. 7 new error codes. -
Governance Simplification — Remove
bindingfield fromcheck_governance(inferred from discriminating fields), removemodefromsync_plans(governance agent configuration, not protocol), removeescalatedstatus (handled via async task lifecycle). Three terminal statuses:approved,denied,conditions. -
Seller-Assigned IDs — Remove
buyer_ref,buyer_campaign_ref, andcampaign_ref. Seller-assignedmedia_buy_idandpackage_idare canonical.idempotency_keyon all mutating requests. Opaquegovernance_contextstring replaces structured schema. -
Proposal Lifecycle — Draft/committed proposal status, finalization via refine action, insertion order signing, and expiry enforcement on
create_media_buy. Guaranteed products start as draft with indicative pricing. - Audience Bias Governance — Structured audience data for fairness validation. New schemas for audience selectors, constraints, policy categories, and restricted attributes (GDPR Article 9). 10 policy category definitions, 8 restricted attribute definitions, 13 seed policies across US, EU, and platform regulations.
-
Streaming and Audio Delivery Metrics —
completed_views(renamed fromvideo_completions),reach,reach_unit, andfrequencyin aggregated totals. Audio/podcast-native metrics.reach_unitco-occurrence constraint ondelivery-metrics.json. -
Availability Forecasts —
budgetnow optional onForecastPointfor total available inventory. Newavailabilityforecast range unit. Guaranteed products include availability forecasts with estimated cost. -
Advertiser Industry Taxonomy — Two-level dot-notation categories on brand manifest and
create_media_buy. Restricted categories (gambling, cannabis, dating) require explicit declaration. -
Content Standards —
content_standardsonget_adcp_capabilitiesfor pre-buy visibility into local evaluation and artifact delivery capabilities.samplingremoved fromget_media_buy_artifacts(configured at creation time). -
Event Source Health — Optional
healthon event sources (status, match rate, event volume, issues) andmeasurement_readinesson products for buyer event setup evaluation. -
Collection/Installment Extensions —
specialandlimited_seriesfields, installment deadlines with deadline policies, print-capable creative formats with physical units, DPI, bleed, and color space. -
Scoped adagents.json Authorization — Delegation types, placement governance, signing keys, country and time-window constraints on
authorized_agents.
Breaking Changes
Migration Notes For rc.2 Adopters
- Buyer references — Remove
buyer_refandcampaign_reffrom request payloads. Useidempotency_keyfor safe retries instead. - Governance — Remove
bindingfromcheck_governancecalls,modefromsync_plans, and stop handlingescalatedstatus. Use async task polling for human review workflows. - Artifacts — Remove
samplingfromget_media_buy_artifactsrequests. Configure sampling atcreate_media_buytime. - Format filtering — Replace
format_typesfilters withasset_typesonlist_creative_formatsorchannelsonget_products. - Collections — Rename
show/episodereferences tocollection/installmentthroughout.
Version 3.0.0-rc.2
Status: Release Candidate | AdCP 3.0 overviewWhat’s New
-
Brand Protocol Rights Lifecycle —
get_rights,acquire_rights,update_rightstasks for brand licensing. Generation credentials, creative approval webhooks, revocation notifications, and usage reporting. Authenticated webhooks (HMAC-SHA256), actionable vs final rejection convention, DDEX PIE mapping for music licensing, and sandbox tooling for scenario testing. -
Visual Guidelines on Brand Manifest — Structured
visual_guidelinesfield onbrand.json: photography, graphic style, shapes, iconography, composition, motion, logo placement, colorways, type scale, asset libraries, and restrictions. Enables generative creative systems to produce on-brand assets. -
Collections and Installments — Content dimension for products representing persistent programs (podcasts, TV series, YouTube channels).
collectionson products references collections declared in anadagents.jsonby domain and collection ID — collection creators can serve as canonical sources regardless of distribution.collection_targeting_allowedcontrols whether buyers can select a subset or get the bundle. Distribution identifiers for cross-seller matching, installment lifecycle states, break-based ad inventory, talent linking, collection relationships, international content ratings. -
Sponsored Intelligence Channel —
sponsored_intelligenceadded to the media channel taxonomy for AI platform advertising (AI assistants, AI search, generative AI experiences). -
Property Governance Integration — Optional
property_listparameter onget_productsfor filtering products by governance-evaluated property lists.property_list_appliedresponse field confirms filtering. -
Campaign Governance and Policy Registry —
sync_plans,check_governance,report_plan_outcome, andget_plan_audit_logsfor plan-level governance. Adds audit/advisory/enforce modes, delegated budget authority, seller-side governance checks, portfolio governance, registry-backed shared policies, andgovernance_contextfor canonical plan extraction. -
Account Model Simplification — Removed
account_resolutioncapability.require_operator_authnow determines both auth model and account reference style. -
Creative Workflow Upgrades —
build_creativenow supports inline preview viainclude_preview, multi-format output viatarget_format_ids, quality tiers for draft vs production output, catalog-drivenitem_limit, and library retrieval usingcreative_idplus optional macro substitution and trafficking context.preview_creativealso adds quality control parameters. -
Creative Library Protocol Unification —
list_creativesandsync_creativesnow live in the Creative Protocol. Creative agents can advertisesupports_generation,supports_transformation, andhas_creative_libraryso buyers can route generation, transformation, and library retrieval intentionally. -
Disclosure Persistence — Regulatory disclosure requirements can now specify persistence (
continuous,initial,flexible) in addition to position and duration, with matching capability declarations on formats. -
Product Discovery and Planning Ergonomics — Product discovery adds
exclusivityandpreferred_delivery_types; products may omitdelivery_measurement; packages and proposals support per-packagestart_time/end_time; andget_productsnow supportstime_budgetwithincompleteresponse reporting. -
Accounts and Sandbox Refinements —
sync_accountsaddspayment_terms, sandbox capability moves to the account capability block, and sandbox now participates in the account natural key for implicit account flows. -
Governance Agent Sync —
sync_governancetask for syncing governance agent endpoints to specific accounts. Supports both explicit accounts (account_id) and implicit accounts (brand+operator) via account references. Replace semantics per call. Governance sync is now a dedicated tool — removed fromsync_accountsandlist_accounts.
Breaking Changes
Migration Notes For rc.1 Adopters
- Creative task routing — If you adopted 3.0.0-rc.1, update any assumptions that creative library operations are Media Buy tasks.
list_creativesandsync_creativesare Creative Protocol operations in rc.2, even when a sales agent implements them on the same endpoint. - Capability discovery — Replace reads of
account_resolutionwithrequire_operator_auth, and read sandbox support fromaccount.sandboxinstead ofmedia_buy.features.sandbox. - Creative request/response handling —
build_creativecan now return inline previews, multiple manifests, or a library-resolved manifest. Clients that assumed only single-format manifest-in / manifest-out behavior should update their response handling. - DOOH validation — Existing v3 DOOH
flat_rateintegrations must addtype: "dooh"insideparameterswhen those parameters are provided.
Other Updates
- Certification program — Three-tier certification (Basics, Practitioner, Specialist) taught by Addie through interactive chat, with vibe coding build projects for non-technical participants.
- Documentation — Illustrated protocol walkthroughs, buy-side guides, FAQ expansion, schema-compliant examples, and collapsed sidebar navigation.
Version 3.0.0-rc.1
Status: Release Candidate | AdCP 3.0 overviewWhat’s New
-
Keyword Targeting —
keyword_targetsandnegative_keywordson the targeting overlay for search and retail media. Per-keyword bid prices with broad, phrase, and exact match types. Incremental management viakeyword_targets_addandkeyword_targets_removeon package updates.by_keywordbreakdown in delivery reporting. -
Optimization Goals Redesign —
optimization_goal(singular) replaced byoptimization_goals(array). Discriminated union onkind:metricfor seller-native delivery metrics oreventfor conversion tracking. Priority ordering for multi-goal packages. New metric types:engagements,follows,saves,profile_visits. View duration configuration for video completion goals. -
Reach Optimization —
reachas a metric optimization goal withreach_unit(individuals, households, devices, accounts, cookies, custom) and optionaltarget_frequencyband (min/max/window). Products declaresupported_reach_unitswhen reach is in their supported metrics. -
Expanded Frequency Cap —
frequency_capnow supportsmax_impressions+per+windowin addition to the existingsuppress_minutes. -
Signal Pricing Models — Discriminated union with three pricing models:
cpm,percent_of_media(with optionalmax_cpm), andflat_fee. Structuredpricing_optionsarray replaces the legacy pricing object on signals.pricing_option_idonactivate_signal.idempotency_keyonreport_usagefor preventing double-billing. -
Dimension Breakdowns — Opt-in reporting dimensions on
get_media_buy_delivery:by_geo,by_device_type,by_device_platform,by_audience,by_placement— each with truncation flags. Newreporting_dimensionsrequest parameter with per-dimensionlimitandsort_bycontrols. Capability declaration at seller level (get_adcp_capabilities→media_buy.reporting) and product level (reporting_capabilities). -
Device Type Targeting — New
device_typefield (form factor: desktop, mobile, tablet, ctv, dooh, unknown) distinct from existingdevice_platform(OS). Withdevice_type_excludefor negative targeting. Declared inget_adcp_capabilitiestargeting capabilities. -
Deliver-to Flattening — The nested
deliver_toobject inget_signalsrequest replaced with two top-level fields:destinationsandcountries. Simplifies queries where the caller is querying a platform’s own signal agent. -
Metric Optimization Capabilities — Products declare
metric_optimizationblock withsupported_metrics,supported_view_durations, andsupported_targets.max_optimization_goalson products. Conversion tracking declaressupported_targets.multi_source_event_dedupflag inget_adcp_capabilities. -
Swiss & Austrian Postal Codes —
ch_plzandat_plzadded to the postal-system enum, with corresponding updates toget_adcp_capabilities. -
Brand Identity Unification —
brand-manifest.jsondeleted. Task schemas now reference brands by{ domain, brand_id }(BrandRef) instead of passing inline manifests. Brand data is resolved frombrand.jsonor the registry at execution time. -
Delivery Forecasts on Products —
estimated_exposuresreplaced with structuredforecastfield using theDeliveryForecasttype. Products now return time periods, metric ranges, and methodology context during discovery. -
Proposal Refinement via Buying Mode —
proposal_idremoved fromget_productsrequest. Refinement now usesbuying_mode: "refine"with a typedrefinearray (see item 21). Session continuity (context_idin MCP,contextIdin A2A) carries conversation history across calls. Proposal execution viacreate_media_buywithproposal_idis unchanged. -
First-Class Catalogs —
sync_catalogstask with 13 catalog types (structural and industry-vertical). Formats declarecatalog_requirements. Catalogs includeconversion_eventsandcontent_id_typefor attribution alignment. -
New Tasks —
get_media_buysfor operational campaign monitoring,get_creative_featuresfor creative governance,sync_audiencesfor CRM-based audience management. -
Buying Mode —
buying_modeonget_productswith three modes:brief(natural language discovery),wholesale(full catalog), andrefine(typed change-requests on previous results). Now required on allget_productscalls. -
Sandbox Mode —
sandboxprotocol parameter on all tasks for testing without side effects. -
Creative Brief Type —
CreativeBrieftype onbuild_creativerequest for structured creative direction. -
Campaign Reference —
campaign_reffield for cross-operation campaign grouping across multiple media buys. -
Geo Proximity Targeting —
geo_proximitytargeting overlay for point-based proximity targeting. Three methods:travel_timeisochrones (e.g., “within 2hr drive of Düsseldorf”),radius(e.g., “within 30km of Heathrow”), and pre-computedgeometry(buyer provides a GeoJSON polygon). Structured capability declaration inget_adcp_capabilitieswith per-method and transport mode support. -
Typed Refinement with Seller Acknowledgment —
refineredesigned from nested object to typed change-request array withscopediscriminator (request,product,proposal). Field renames:product_id/proposal_id→id,notes→ask. Seller responses includerefinement_applied— a positionally-matched array with per-askstatus(applied,partial,unable) and notes. -
AI Provenance and Disclosure —
provenanceobject on creative manifests, assets, and artifacts for AI content transparency. IPTC-aligneddigital_source_typeenum (9 values),ai_toolmetadata,human_oversightlevels, C2PA soft references viamanifest_url, regulatorydisclosurewith per-jurisdiction requirements (EU AI Act, California SB 942), and third-partyverificationresults.provenance_requiredon creative policy for seller enforcement. -
Creative Compliance —
complianceobject on creative briefs withrequired_disclosures(structured items with text, position, jurisdictions, regulation, minimum duration) andprohibited_claims. Newdisclosure-positionenum with 8 standard positions. Formats declaresupported_disclosure_positions.supports_compliancecapability flag replacessupports_brief. -
Manifest Unification — Creative manifest model unified to
format_id+assets. Briefs and catalogs become proper asset types (brief,catalog) within the assets map. All asset reference lists across creative-manifest, creative-asset, and list-creatives-response aligned to 14 asset types with consistentanyOfvalidation. -
Structured Error Recovery —
recoveryfield on errors with three classifications:transient(retry after delay),correctable(fix request and resend),terminal(requires human action). 18 standard error codes (INVALID_REQUEST,RATE_LIMITED,POLICY_VIOLATION,PRODUCT_UNAVAILABLE, etc.) with recovery mappings in the newerror-codeenum. -
Agent Ergonomics —
fieldsparameter onget_productsfor response projection (24 projectable fields).include_package_daily_breakdownopt-in on delivery reporting. Request-sideattribution_windowfor cross-platform normalization. Buy-levelstart_time/end_timeonget_media_buys.supported_pricing_modelson seller capabilities. Audience metadata:description,audience_type(crm, suppression, lookalike_seed),tags, andtotal_uploaded_countfor match rate calculation. -
Signal Deactivation —
actionfield onactivate_signalwithactivate(default) anddeactivatevalues for compliance-driven signal removal. -
Signal Metadata —
categories(valid values for categorical signals) andrange(min/max for numeric signals) on signal entries inget_signalsresponses. -
Media Buy Rejection —
rejectedstatus added to media-buy-status enum withrejection_reasonon the MediaBuy object. -
Idempotency —
idempotency_keyonupdate_media_buyandsync_creativesfor at-most-once execution.idempotency_keyadded tocreate_media_buyfor at-most-once creation.
Breaking Changes
Other Changes
audience-sourceenum for breakdown-level audience attributiondevice-typeenum (desktop, mobile, tablet, ctv, dooh, unknown) for form factor targeting and breakdown reportingsort-metricenum for controlling breakdown sort ordergeo-breakdown-supportschema for declaring per-geography breakdown capabilities- Keyword targeting capability flags in
get_adcp_capabilities reportingobject inget_adcp_capabilitiesfor declaring dimension breakdown supportgeo_proximitycapability object inget_adcp_capabilitiesfor declaring supported proximity methods and transport modeserror-codeenum with 18 standard error codes and recovery classificationsdisclosure-positionenum (8 standard positions for regulatory disclosures)digital-source-typeenum (9 IPTC-aligned values for AI content classification)provenancecore object for AI content transparency across creative schemasconsent-basisenum extracted fromsync_audiences(consent, legitimate_interest, contract, legal_obligation)date-rangeanddatetime-rangecore types replacing inline period objects- Property list filters relaxed:
countries_allandchannels_anyno longer required - Signal
categoriesandrangemetadata onget_signalsresponses rejectedmedia buy status withrejection_reasonidempotency_keyonupdate_media_buyandsync_creatives- Removed
not:{}patterns from 7 response schemas for Python codegen compatibility
Version 3.0.0-beta.3
Status: Beta | AdCP 3.0 overviewWhat’s New
-
Delivery Forecasting - Predict campaign performance before committing budget. New
DeliveryForecasttype with budget curves, forecast methods (estimate, modeled, guaranteed), daypart targeting windows, and GRP demographic notation. Forecasts attach to product allocations and proposals, enabling budget curve analysis across spend levels. -
Brand Protocol - Brand discovery and identity resolution via
brand.json. Four manifest variants (authoritative redirect, house redirect, brand agent, house portfolio) with builder tools, registry, and admin UI. Brands declareauthorized_operatorsto control which agents can represent them. -
Account Management -
sync_accountstask lets agents declare brand portfolios to sellers with upsert semantics. Account capabilities inget_adcp_capabilitiesdescribe billing requirements and operator authorization. Two billing models (operator, agent) with account lifecycle (active, pending_approval, payment_required, suspended, closed).account_idis optional oncreate_media_buy— single-account agents can omit it. -
Commerce Media - Catalog-driven product discovery (
catalogonget_products), catalog-driven packages, per-catalog-item delivery reporting (by_catalog_item), store catchment targeting, andcatalog_typeson products. Cross-retailer GTIN matching via catalog selectors. Commerce attribution metrics (roas,new_to_brand_rate) in delivery response. See the Commerce Media Guide and Catalogs. -
Creative Delivery Reporting - Per-creative metrics breakdown within
by_packagein delivery responses. Newget_creative_deliverytask on creative agents for variant-level delivery data with manifests. Three variant tiers: standard (1:1), asset group optimization, and generative creative. Format-levelreported_metricsdeclare which metrics each format can provide. -
CPA & TIME Pricing Models - Two new pricing models. CPA (Cost Per Acquisition) for outcome-based campaigns — covers CPO, CPL, CPI use cases differentiated by
event_type. TIME for sponsorship-based advertising where price scales with duration (hour, day, week, month) with optional min/max constraints. -
Conversion Tracking - New events protocol with
sync_event_sourcesandlog_eventtasks for attribution and measurement. - Signal Catalog - Data providers become first-class members with signal definitions, categories, targeting schemas, and value types. New schemas for signal discovery and integration into products.
-
Cursor-Based Pagination - All list operations (
list_creatives,tasks_list,list_property_lists,get_property_list,get_media_buy_artifacts) standardized on cursor-based pagination with sharedpagination-request.jsonandpagination-response.jsonschemas. -
Accessibility in Creative Formats - Two-layer accessibility model. Format-level
wcag_level(A/AA/AAA) andrequires_accessible_assetsflag. Asset-level metadata for inspectable assets (alt text, captions, transcripts) and self-declared properties for opaque assets (keyboard navigable, motion control). Buyers can filter bywcag_levelinlist_creative_formats. -
Targeting Restrictions & Geo Exclusion - Functional restriction overlays for age (with verification methods), device platform (Sec-CH-UA-Platform values), and language localization. Geographic exclusion fields (
geo_countries_exclude,geo_regions_exclude,geo_metros_exclude,geo_postal_areas_exclude) enable RCT holdout groups and regulatory exclusions. -
Typed Asset Requirements - Discriminated union schemas for all 12 asset types (image, video, audio, text, markdown, HTML, CSS, JavaScript, VAST, DAAST, URL, webhook) using
asset_typeas discriminator. -
Universal Macros -
universal-macro.jsonenum defining all 54 standard ad-serving macros, including 6 new additions:GPP_SID,IP_ADDRESS,STATION_ID,COLLECTION_NAME,INSTALLMENT_ID,AUDIO_DURATION. -
Brand Manifest Improvements - Structured tone object with
voice,attributes,dos,dontsfields. Logo objects gainorientation,background,variant,usagefields.
Breaking Changes
Other Changes
optimization_goalson package requests — buyers can specify conversion and metric optimization goals when creating or updating media buys- Attribution window metadata on delivery response:
click_window_days,view_window_days, and attributionmodel(last_touch, first_touch, linear, time_decay, data_driven) - Channel fields on property and product schemas:
supported_channelsandchannelsreferencing Media Channel Taxonomy enum account_idadded toget_media_buy_deliveryandget_media_buy_artifactsrequestsdate_range_supportin reporting capabilitiesminItems: 1on request-side arrays for stricter validationFormatCategoryenum andtypefield removed from Format objects (useassetsarray instead)format_idoptional inpreview_creative(falls back tocreative_manifest.format_id)selection_modeon repeatable asset groups to distinguish sequential (carousel) from optimize (asset pool) behavior- Session ID fallback recommendation for MCP agent
context_id
Version 3.0.0-beta.2
Status: Beta | Full Changelog | AdCP 3.0 overview Building on beta.1, this release adds account-level billing, property targeting controls, CTV technical specs, and agent-driven UI rendering for Sponsored Intelligence.What’s New
-
Accounts & Agents - AdCP now distinguishes Brand (whose products are advertised), Account (who gets billed), and Agent (who places the buy). New
account_idfield on media buys, product queries, and creative operations enables multi-account billing with rate cards and credit limits. -
Property Targeting - Products can declare
property_targeting_allowedto let buyers target a subset of publisher properties. When enabled, buyers pass aproperty_listin their targeting overlay and the package runs on the intersection. - A2UI for Sponsored Intelligence - Sponsored Intelligence sessions now support agent-driven UI rendering via MCP Apps, enabling rich interactive experiences within AI assistants.
- CTV & Streaming Constraints - Video formats gain technical constraint fields for frame rate, HDR, GOP structure, and moov atom position. Audio formats add codec, sampling rate, channel layout, and loudness normalization (LUFS/true peak) fields.
-
Creative Protocol Discovery -
get_adcp_capabilitiesnow includes"creative"insupported_protocols, letting agents discover creative services at runtime.
Schema Changes
- New
account.json,list-accounts-request.json,list-accounts-response.jsonschemas account_idadded tocreate-media-buy-request,get-products-request,sync-creatives-request, and their responses- Shared
price-guidance.jsonschema extracted to fix duplicate type generation across pricing options property_targeting_allowedandproperty_listfields added to product and targeting overlay schemas- Video/audio asset schemas extended with CTV technical constraint fields
Removed
Version 3.0.0-beta.1
Status: Beta | Full Changelog | AdCP 3.0 overviewWhat’s New
Version 3.0.0 is a major release that expands AdCP beyond media buying into governance, brand suitability, and conversational commerce. See the AdCP 3.0 overview for detailed upgrade instructions. 🎯 Key Themes:- Media Channel Taxonomy - Complete overhaul from 9 format-oriented channels to 19 planning-oriented channels that reflect how buyers allocate budgets. See Media Channel Taxonomy.
- Governance Protocol - New protocol domain for property lists, content standards, and brand suitability evaluation with collaborative calibration workflows.
- Sponsored Intelligence Protocol - Conversational brand experiences in AI assistants. Defines how hosts invoke brand agent endpoints for rich engagement without breaking conversational flow. See Sponsored Intelligence.
-
Protocol-Level Capability Discovery -
get_adcp_capabilitiestask replaces agent card extensions, providing runtime discovery of capabilities, supported protocols, and geo targeting systems. - Creative Assignment Weighting - Replace simple creative ID arrays with weighted assignments supporting traffic allocation and placement targeting.
- Global Geo Targeting - Structured geographic targeting with named systems (Nielsen DMA, UK ITL, Eurostat NUTS2, etc.) for international markets.
Breaking Changes Summary
See AdCP 3.0 overview for detailed before/after examples and migration steps.
New Protocol Domains
Governance Protocol
Brand suitability and inventory curation:- Property Lists -
create_property_list,get_property_list,update_property_list,delete_property_list,list_property_lists - Content Standards -
create_content_standards,get_content_standards,update_content_standards,calibrate_content,validate_content_delivery - Product Filtering - Pass property lists to
get_productsfor compliant inventory discovery
Sponsored Intelligence Protocol
Conversational brand experiences:- Session Management -
si_get_offering,si_initiate_session,si_send_message,si_terminate_session - Capability Negotiation - Brands declare modalities (voice, video, avatar), hosts respond with supported capabilities
- Commerce Handoff - Seamless transition to AdCP for transactions
New Features
get_adcp_capabilitiestask - Runtime capability discovery replacing agent card extensions- Unified asset discovery -
assetsarray withrequiredboolean for full asset visibility - Property list filtering - Pass governance lists to
get_productsfor brand-safe inventory
Removed in v3
Quick Migration Checklist
- Update channel enum values (taxonomy guide)
- Replace
creative_idswithcreative_assignments - Add system specification to metro/postal targeting
- Implement
get_adcp_capabilitiestask - Update format parsing to use
assetsarray
Version 2.5.0
Released: November 2025 | Full ChangelogWhat’s New
Version 2.5.0 is a developer experience and API refinement release that significantly improves type safety, schema infrastructure, and creative workflow performance. This release prepares AdCP for production-scale integrations with better TypeScript/Python code generation, stricter validation semantics, and flexible schema versioning. 🎯 Key Themes:- Type Safety & Code Generation - Comprehensive discriminator fields throughout the protocol enable excellent TypeScript/Python type inference and eliminate ambiguous union types.
- Batch Creative Previews - Generate previews for up to 50 creatives in a single API call with optional direct HTML embedding, reducing preview generation time by 5-10x.
-
Schema Infrastructure - Build-time schema versioning with semantic paths (
/schemas/2.5.0/,/schemas/v2/,/schemas/v2.5/) enables version pinning and automatic minor version tracking. - API Consistency - Atomic response semantics (success XOR error) and standardized webhook payloads eliminate ambiguity and improve reliability.
- Signal Protocol Refinement - Activation keys returned per deployment with permission-based access, enabling proper multi-platform signal activation.
-
Template Formats - Dynamic creative sizing with
accepts_parametersenables formats that accept runtime dimensions, durations, and other parameters. - Enhanced Product Discovery - Structured filters with date ranges, budget constraints, country targeting, and channel filtering improve product search precision.
Key Enhancements
Type Safety & Code Generation
- Discriminator fields added to all discriminated union types (destinations, pricing, property selectors, preview requests/responses)
- Atomic response semantics - All task responses now use strict success XOR error patterns with
oneOfdiscriminators - Explicit type declarations on all const fields for proper TypeScript literal type generation
- 31 new enum schemas extracted from inline definitions for better reusability
Schema Infrastructure
- Build-time versioning - Schemas now support semantic version paths (
/schemas/2.5.0/), major version aliases (/schemas/v2/), and minor version aliases (/schemas/v2.5/) - Consistent media buy responses - Both
create_media_buyandupdate_media_buynow return full Package objects - Standardized webhook payload - Protocol envelope at top-level with task data under
resultfield
Product Discovery
- Structured filters - Extracted filter objects into separate schemas (
product-filters.json,creative-filters.json,signal-filters.json) - Enhanced filtering - Date ranges (
start_date,end_date), budget ranges with currency, country targeting, and channel filtering - Full enum support - Filters now accept complete enum values without artificial restrictions
Signal Protocol
- Activation keys -
activate_signalnow returns deployment-specific activation keys (segment IDs, key-value pairs) based on authenticated permissions - Consistent terminology - Standardized on “deployments” throughout signal requests and responses
Creative Protocol
- Batch preview support - Preview multiple creatives in one request (
preview_creativesupports 1-50 items) - Direct HTML embedding - Responses can include raw HTML for iframe-free rendering
- Simplified brand manifest - Single required field (
name) eliminates duplicate type generation - Template formats -
accepts_parametersfield enables dynamic formats (e.g., display_[width]x[height], video_[duration]s) - Inline creative updates -
sync_creativestask provides upsert semantics for updating creatives in existing campaigns
Documentation & Testing
- Testable documentation - All code examples can be validated against live schemas
- Client library prominence - NPM badges and installation instructions in intro
- Fixed 389 broken links across 50 documentation files
Migration Guide
Discriminator Fields (Breaking)
Many schemas now require explicit discriminator fields. Update your code to include these fields: Signal Destinations:Webhook Payload Structure (Breaking)
Webhook payloads now use protocol envelope at top-level: Before:Signal Activation Response (Breaking)
activate_signal response changed from single key to deployments array:
Before:
Template Formats
Formats can now accept parameters for dynamic sizing: Template Format Definition:parameters_from_format_id: true flag indicates dimensions come from the format_id at usage time.
Usage (parameterized format_id):
Enhanced Product Filtering
New structured filters inget_products:
Schema Versioning
New version paths available:/schemas/2.5.0/- Exact version/schemas/v2.5/- Latest 2.5.x patch (auto-updates for patch releases)/schemas/v2/- Latest 2.x release (auto-updates for minor/patch)/schemas/3.0.19/- Backward compat alias (same as v2)
Breaking Changes
- Discriminator fields required in destinations, property selectors, pricing options, and preview requests
- Webhook payload structure - Task data moved under
resultfield;domainno longer required - Signal activation response - Changed from
activation_keystring todeploymentsarray - Removed legacy creative fields -
media_url,click_url,durationremoved fromlist_creativesresponse
Non-Breaking Additions
- Application
contextobject (optional) in all task requests product_cardandformat_cardfields (optional) for visual UI support- Batch preview mode in
preview_creative(backward compatible) - Package pricing fields in delivery reporting (already documented, now schema-enforced)
- Minor version symlinks (
/schemas/v2.5/)
Version 2.3.0
Released: October 2025 | Full ChangelogWhat’s New
Publisher-Owned Property Definitions - Properties are now owned by publishers and referenced by agents, following the IAB Tech Lab sellers.json model. This eliminates duplication and creates a single source of truth for property information. Placement Targeting - Products can now define multiple placements (e.g., homepage banner, article sidebar), and buyers can assign different creatives to each placement within a product purchase. Simplified Budgets - Budget is now only specified at the package level, enabling mixed-currency campaigns and eliminating redundant aggregation at the media buy level.Migration Guide
Publisher-Owned Properties
Before:https://dailyplanet.com/.well-known/adagents.json.
Remove Media Buy Budget
Before:Breaking Changes
propertiesfield in products →publisher_propertieslist_authorized_propertiesreturnspublisher_domainsarray- Removed
budgetfrom create_media_buy/update_media_buy requests
Version 2.2.0
Released: October 2025 | Full ChangelogWhat’s New
Build Creative Alignment - Thebuild_creative task now follows a clear “manifest-in → manifest-out” transformation model with consistent parameter naming.
Migration Guide
Before:Breaking Changes
build_creativeparameter renamed:source_manifest→creative_manifest- Removed
promoted_offeringsas top-level parameter (now in manifest assets)
Version 2.1.0
Released: January 2025 | Full ChangelogWhat’s New
Simplified Asset Schema - Separated asset payload schemas from format requirement schemas, eliminating redundancy. Asset types are now determined by format specifications rather than declared in manifests.Migration Guide
Before:Breaking Changes
- Removed
asset_typefield from creative manifest payloads - Schema paths changed:
/creative/asset-types/*.json→/core/assets/*-asset.json - Constraint fields moved from asset payloads to format specifications
Version 2.0.0
Released: October 2025 | Full ChangelogWhat’s New
First production release of the Advertising Context Protocol with:- 8 Media Buy Tasks - Complete workflow from product discovery to delivery reporting
- 3 Creative Tasks - AI-powered creative generation and management
- 2 Signals Tasks - First-party data integration
- Standard Formats - Industry-standard display, video, and native formats
- Multi-Protocol Support - Works with MCP and A2A
Core Features
- Natural language product discovery with brief-based targeting
- Asynchronous task management with human-in-the-loop approvals
- JSON Schema validation for all requests and responses
- Publisher-owned property definitions via
.well-known/adagents.json - Comprehensive format specifications with asset requirements
Versioning and deprecation
See Versioning & Governance for the canonical version tiers, release cadence, 3.x stability guarantees, and deprecation policy. See the v2 sunset page for the v2 end-of-life timeline.Additional Resources
- Technical Changelog - CHANGELOG.md
- GitHub Releases - Release Archive
- Community - Slack
- Issues - GitHub Issues
- Support - support@adcontextprotocol.org