Key Takeaways

• Authorization checking happens automatically on every bid request. DSPs don't manually review publishers. Their algorithms check ads.txt, sellers.json, and schain data programmatically.
• The process is milliseconds fast but thorough. DSPs cache verification data and run checks in real time as bid requests arrive.
• Failed checks have immediate revenue consequences. A missing ads.txt entry doesn't generate a warning. It generates a rejected bid or a discounted bid, right now, on this impression.
• Advertisers don't see your ads.txt directly. They set policy at the DSP level, and the DSP enforces it. But the end result is the same: your verification status determines your access to advertiser budgets.
• Understanding the buyer perspective helps publishers prioritize fixes. Knowing which checks happen first and which failures are most severe guides your optimization efforts.

---

How Advertisers Check Publisher Authorization

From the publisher side, ads.txt feels like a static file you maintain and forget. From the buyer side, it's a critical data source queried billions of times per day.

Understanding how advertisers and their DSPs actually use your transparency data reveals why specific issues have specific revenue impacts.

The Buyer's Verification Stack

Who Does the Checking

Advertisers themselves rarely check ads.txt directly. The checking happens at three levels:

DSP algorithms. Every DSP has built-in verification that checks ads.txt, sellers.json, and schain on every bid opportunity. This is automatic and can't be overridden by individual campaigns.

Agency policies. Media buying agencies set supply quality requirements that get configured into DSP settings. These might include "only bid on ads.txt authorized inventory" or "require sellers.json verification for spend above $X CPM."

Verification vendors. Third-party verification companies (IAS, DoubleVerify, MOAT) provide additional supply chain validation layers that some advertisers require.

How Data Gets Cached

DSPs don't fetch your ads.txt on every bid request. That would be billions of HTTP requests per day. Instead:

1. Periodic crawling. DSPs crawl publisher ads.txt files every 24-72 hours (varies by DSP).
2. Local caching. The crawled data is stored in the DSP's verification database.
3. Real-time lookup. When a bid request arrives, the DSP checks the cached data, not the live file.

This caching mechanism is why ads.txt changes take 1-3 days to take effect. The change is live on your server immediately, but DSPs won't see it until their next crawl.

sellers.json follows the same caching pattern. SSP-side changes to sellers.json propagate to DSP caches within 24-72 hours.

The Check Sequence

When a DSP receives a bid request, the authorization check follows this sequence:

Check 1: Does ads.txt Exist?

The DSP checks whether the publisher domain has an ads.txt file in its cache. If no ads.txt exists:

• Some DSPs bid anyway but apply a risk discount
• Some DSPs only bid on certain campaign types (lower-value performance campaigns)
• A few DSPs refuse to bid entirely on domains without ads.txt

Having no ads.txt is increasingly penalized as the industry moves toward mandatory transparency.

Check 2: Is This Seller Authorized?

The DSP looks for the SSP domain and account ID from the bid request in the publisher's ads.txt. It checks:

• Does an entry exist for this exchange domain?
• Does the account ID match?
• What's the relationship type (DIRECT/RESELLER)?

If no matching entry is found, the seller is unauthorized. The DSP either rejects the bid or applies a heavy discount.

Check 3: Identity Verification

If the authorization check passes, the DSP checks the SSP's sellers.json for identity confirmation:

• Does the seller_id appear in sellers.json?
• Is the entry non-confidential?
• Does the domain in sellers.json match the publisher domain in the bid request?
• Does the seller_type align with the DIRECT/RESELLER designation in ads.txt?

Each verification failure reduces the DSP's confidence and typically triggers a bid discount.

Check 4: Supply Chain Path

The DSP examines the SupplyChain object (schain) in the bid request:

• Is the chain complete (complete=1)?
• Does the first node match the ads.txt entry?
• Can each subsequent node be verified against the corresponding entity's sellers.json?
• Is the path length reasonable?

Incomplete chains or unverifiable nodes reduce trust and bid prices.

Check 5: Policy Overlay

After technical verification, the DSP applies advertiser-specific policies:

• Brand safety requirements (content category restrictions)
• Inclusion/exclusion lists (preferred or blocked publishers)
• Quality thresholds (minimum viewability, maximum IVT rate)
• Budget constraints and campaign targeting

These policy checks determine whether the specific campaign bids, not whether the DSP bids at all.

What Happens When Checks Fail

The consequences depend on which check fails and how the DSP is configured:

| Failed Check | Typical DSP Response | Revenue Impact |

|-------------|---------------------|----------------|

| No ads.txt file | Reduced bidding or exclusion | Major (affects all demand) |

| Unauthorized seller | Bid rejection | Complete (no bid through that path) |

| Missing sellers.json entry | Bid discount or rejection | High (20-50% CPM reduction) |

| Confidential sellers.json | Bid discount | Moderate (10-30% CPM reduction) |

| Type mismatch | Bid discount + fraud flag | High (10-25% + potential exclusion) |

| Incomplete schain | Bid discount | Moderate (5-15% CPM reduction) |

| Brand safety failure | Campaign exclusion | Varies (campaign-specific) |

Multiple failed checks compound. A bid request with a sellers.json mismatch AND an incomplete schain gets hit with both discounts.

How Agencies Layer Requirements

Large media buying agencies add their own verification layers on top of DSP defaults:

Inclusion lists. Agencies maintain lists of approved publishers or supply paths. Getting on these lists may require demonstrating clean supply chain verification.

Quality thresholds. Agencies set minimum standards for viewability, IVT rates, and verification completeness. Publishers below threshold are excluded from agency-managed campaigns.

Preferred supply paths. Agencies may specify which SSPs they prefer to buy through. If your inventory reaches the DSP through a non-preferred SSP, the agency's campaigns may not bid even if your verification is clean.

Quarterly reviews. Some agencies review their supply chain quality quarterly and adjust inclusion lists based on verification data.

What Publishers Can Learn From This

Priority 1: Make Sure You Can Be Verified

The most basic requirement: have an ads.txt file that's accessible, properly formatted, and complete. Without this, you fail the first check on every bid request.

Priority 2: Ensure Identity Verification Passes

Your sellers.json entries across all SSPs should be present, non-confidential, and accurate. This is the check that most commonly fails for publishers who have ads.txt in place.

Priority 3: Minimize Verification Friction

The smoother your verification profile, the more demand you access:

• Clean, consistent data across ads.txt and sellers.json
• Short supply paths with complete schain
• No mismatches between relationship types

Priority 4: Monitor from the Buyer Perspective

Use BeamFlow's scanner to see your supply chain the way DSPs see it. This buyer-side perspective reveals issues that are invisible from the publisher dashboard.

Frequently Asked Questions

Can I see which DSPs are checking my ads.txt?

Not directly. DSP crawling isn't logged on your server in a way that identifies specific DSPs. You can see crawler traffic in server logs, but attributing it to specific DSPs requires analysis of user agent strings, which aren't always identifiable.

How do I get on an agency's inclusion list?

Agency inclusion lists are typically managed through SSP relationships and direct sales conversations. Having clean supply chain verification is a prerequisite but not sufficient. You also need relevant audience, quality content, and competitive pricing.

Do all DSPs enforce ads.txt the same way?

No. Enforcement varies. Some DSPs strictly reject all unauthorized supply. Others apply graduated discounts. A few are lenient. The trend is toward stricter enforcement across the board.