Skip to content

IAB Supply Chain Validation (app-ads.txt + sellers.json)

The Interactive Advertising Bureau (IAB) created app-ads.txt. It proves to advertisers that app publishers own the app that originates an ad request. App publishers host this text file on the website that is linked from the Google Play Store and/or Apple App Store. This file includes a reference to all ad sources that are authorized to sell your app inventory. You make this file publicly available and crawlable by exchanges, supply-side platforms (SSPs), other buyers, and third-party vendors.

When an app sends out an ad request, an advertiser checks the app store page for the developer website, finds the corresponding app-ads.txt file at that site, and verifies that the publisher ID in the ad request matches the ID in the app-ads.txt file. This prevents a malicious actor from faking ad requests from an app, because the publisher ID in their ad request will not match the publisher ID in the app-ads.txt file.

Many advertisers will not bid on apps that do not have a valid app-ads.txt file.

To maximize the number of bidders who bid on your app inventory, to maximize your revenue, and to safeguard your app against certain types of fraud, AppLovin strongly recommends that you maintain an app-ads.txt file and that you include AppLovin as an authorized ad source in that file.

How to Implement an app-ads.txt File

  1. Add your developer website to the app store.

    You must link your developer website in your store listings (in Google Play and/or the App Store) so that AppLovin and other ad platforms can establish your app’s ownership.

    • For Google Play, add your developer website URL in the Developer contact section of your app listing:
      1. Sign in to your Play Console.
      2. Select your app.
      3. In the menu on the left, select Store presence > Store listing.
      4. Scroll to Developer contact.
      5. Add your developer website URL.
    • For the Apple App Store, place your app-ads.txt file at the same domain that you use for App Privacy.
  2. Create your app-ads.txt file.

    Add the app-ads.txt file to the root directory of your developer website. In this file, list all authorized sellers of your app inventory. To do this, ask each of the ad networks that you connected to your app for the relevant lines you should add to your app-ads.txt file. Here is an example app-ads.txt file:

    # Network Name, Publisher/Account ID, Relationship Type, 9eaf9ad6dc92d5fcn6f47c30168fb8fq, DIRECT, 19435, DIRECT, 0aeed123c80d6423, pub-3940498599942544, DIRECT, f08c47fec0986fa0, 197af3936679d34e, RESELLER, 1ad675c9de6b5176

    You must format your app-ads.txt file according to the specifications of the IAB Tech Lab. This allows those who use your file to successfully verify it. Review the Authorized Sellers for Apps specification provided by the IAB Tech Lab.

    You must use utf-8 character encoding in your app-ads.txt file. Your web server must serve this file as Content-type: text/plain.

  3. Add AppLovin to your app-ads.txt file.

    You can find the relevant AppLovin lines to add to your app-ads.txt file at the Account > General > App-ads.txt Info page in the AppLovin Dashboard.

  4. Register the root domain of your developer website URL (for example: in the Domain field at Account > General > Basic Info in the AppLovin Dashboard.

    As per the IAB specification, you can use only one domain in the sellers.json file that AppLovin manages. If your MAX account is used by multiple studios or game developers then choose one of the following two options:

    • Use the same developer website URL in the store listings for all the apps that you manage with your AppLovin account.

    • If you cannot use the same developer website for all of the apps that you manage with the MAX account, then each of the developer websites must establish an HTTP redirect that diverts requests for the app-ads.txt file at these developer websites to the app-ads.txt file that you host on the Domain that you enter into your MAX Account. As per the IAB Spec, “Only a single HTTP redirect to a destination outside the original root domain is allowed to facilitate one-hop delegation of authority to a third party’s web server domain. If the third party location returns a redirect, then the advertising system should treat the response as an error.”

      For example, the MAX Account “Animal Kingdom” manages the apps from the following studios:

      • Studio Bears
      • Studio Tigers
      • Studio Monkeys

      The owner of the MAX Account should host an app-ads.txt file on and use as the Domain in the MAX UI (which is then published to AppLovin’s seller.json file). The studios set the developer websites for their apps in the store to be their sites— or or These studios must redirect requests for the app-ads.txt file at the domain of the developer websites indicated in the app store ( or or to

Best Practices

  • Double-check that you accurately copied-and-pasted each network line entry into your app-ads.txt file.

  • Reach out to all of your integrated ad partners (networks, exchanges, buyers, and so forth) to request their app-ads.txt entry for your file. Check with them regularly for updates.

  • Be careful of unknown companies reaching out directly and requesting to be added to your app-ads.txt file. AppLovin strongly advises that you only list companies that you and your direct SSP partners work with.

  • Use the helpful ads.txt Validator website to verify that your app-ads.txt entries are correct and up-to-date.

  • Check your app-ads.txt integration by using the Mediation Debugger. Here is an example of how the Mediation Debugger appears when you have successfully integrated app-ads.txt:

    MAX. SDK Version: 11.6.0. Plugin Version: None. Ad Review Version: ❌. app-ads.txt: ✅