What does is_confidential mean in sellers.json?

An entry with is_confidential: 1 hides the seller's name and domain while still declaring the seller ID exists. It is allowed by the spec, but buyers should treat a high share of confidential entries as a transparency red flag and price that risk accordingly.

ads.txt vs sellers.json, explained.

Q: Is sellers.json mandatory?

Not legally, but practically yes. It is an IAB Tech Lab specification, and major DSPs increasingly down-rank or block supply from intermediaries that don't publish one. A missing or stale sellers.json reads as something to hide.

Q: Does ads.txt stop ad fraud?

It stops one specific fraud: unauthorized reselling and domain spoofing, where a fraudster sells inventory pretending to be a legitimate publisher. It does nothing about made-for-advertising content, non-viewable placements, or bots. It's necessary, not sufficient.

Q: What is app-ads.txt and who needs it?

app-ads.txt is the same authorization mechanism for apps and connected TV: the file lives on the developer's website domain declared in the app stores, and buyers match it against the app's bundle metadata. Any app or CTV publisher monetizing programmatically should host one.

ads.txt is the publisher's public list of who is authorized to sell its inventory. sellers.json is the ad platform's public list of who it pays. One file looks down the supply chain, the other looks up — and together with the SupplyChain object they make every programmatic dollar traceable. If anyone bothers to look.

By AdvelizePublished June 10, 2026Cluster: Programmatic transparency

The two files, side by side.

	ads.txt	sellers.json
Who publishes it	The publisher (or app developer, via app-ads.txt)	The exchange, SSP, or any intermediary
Where it lives	`publisher.com/ads.txt`	`platform.com/sellers.json`
What it declares	Which seller accounts may sell this site's inventory, as DIRECT or RESELLER	Which entities receive payment, as PUBLISHER, INTERMEDIARY, or BOTH
What it proves	Authorization — this seller isn't spoofing the domain	Identity — this seller ID belongs to a named business
IAB spec since	2017	2019

What ads.txt actually does.

Each line of an ads.txt file is a standing claim: "account 3755 at this exchange is allowed to sell my inventory." When a buyer's bid request claims to be publisher.com inventory, the DSP can check whether the seller account in the request appears in publisher.com's ads.txt. If it doesn't, someone is selling counterfeit inventory — the domain-spoofing fraud that ads.txt was invented to kill.

The DIRECT/RESELLER flag matters more than most buyers treat it. DIRECT means the publisher has a direct business relationship with the seller account; RESELLER means somebody downstream is re-offering it. A path stacked with resellers isn't necessarily fraudulent — but every reseller is a margin, and margins are exactly what a supply path audit exists to question.

For apps and connected TV the same mechanism is called app-ads.txt: the file sits on the developer's website (the domain declared in the app store listing), and buyers match it against the app's bundle metadata. CTV publishers who skip it are invisible to increasingly strict DSP filters.

What sellers.json actually does.

sellers.json points the other way. It answers: "when money flows into this platform, which businesses does it flow out to?" Every seller ID is declared as a PUBLISHER (owns the inventory), an INTERMEDIARY (sits between), or BOTH — with a name and domain attached. You can read ours at advelize.com/sellers.json; any platform that takes a fee should let you do the same.

The spec permits confidential entries (is_confidential: 1), which hide the seller's name while admitting the ID exists. Used sparingly, fine. But when a large share of a platform's sellers.json is confidential, a buyer is being asked to pay parties who decline to be named — which is a price-relevant fact, not a technicality.

How they combine: the schain.

The third piece is the SupplyChain object (schain) attached to each bid request, which lists every node a request passed through. The verification loop works like this: schain names the hops → each hop's sellers.json proves who that node is → the publisher's ads.txt proves the final seller was authorized. Any link that fails — a missing file, an undeclared seller ID, a RESELLER posing as DIRECT — is a hole in the chain, and holes are where the untraceable spend lives. The ISBA/PwC studies watched untraceable programmatic spend fall from 15% to 3% once buyers actually started running this loop.

What failure looks like in the wild.

The classic findings, in declining order of severity: a seller ID in your bid path that appears in no sellers.json at all; an ads.txt entry marked DIRECT for an account the publisher has never heard of; sellers.json files that 404, are years stale, or are mostly confidential; and reseller chains four hops deep to reach a publisher who would happily sell you the same impression in one. None of these requires sophisticated fraud detection to find — they require someone willing to read the files.

Questions buyers actually ask.

Is sellers.json mandatory?

Not legally — it's an IAB Tech Lab spec. Practically, yes: major DSPs down-rank or block supply from intermediaries that don't publish one. A missing sellers.json reads as something to hide.

What does is_confidential mean?

The entry's name and domain are withheld while the seller ID is acknowledged. Allowed by the spec; a red flag at scale. Treat heavily-confidential platforms as higher risk and price accordingly.

Does ads.txt stop ad fraud?

It stops domain spoofing and unauthorized reselling. It does nothing about made-for-advertising content, non-viewable placements, or bot traffic. Necessary, not sufficient.

What is app-ads.txt and who needs it?

The same authorization file for apps and CTV, hosted on the developer's website domain from the app store listing. Any app or CTV publisher monetizing programmatically should host one.

Want your supply chain read line by line?

Talk to a strategist →

Sources: IAB Tech Lab ads.txt (2017) and sellers.json / SupplyChain object (2019) specifications; ISBA/PwC Programmatic Supply Chain Transparency Studies (2020, 2022). Updated June 2026.