AdCP JSON schemas: where to fetch them, the protocol tarball, schema versioning, bundled vs $ref-resolving variants, and how to verify supply-chain provenance via Sigstore.
Use this file to discover all available pages before exploring further.
The L0 wire layer is JSON-over-HTTP framed by published JSON Schemas. This page is the reference for getting the schemas — where they live, how to pin a version, how to verify supply-chain provenance, and the directory shape inside a release. If you’re picking an SDK rather than the schemas themselves, see Choose your SDK.
Syncing hundreds of individual schema files adds up. Every AdCP release also publishes a single gzipped tarball containing the complete protocol — schemas, compliance storyboards, and the OpenAPI registry — so clients can pull one artifact instead of crawling the tree.
Pull it once per version, cache by SHA, and you have everything needed to validate requests, run storyboards, and render documentation offline. The @adcp/sdksync-schemas command uses this under the hood.Available tarballs are also listed at /protocol/.
The SHA-256 sidecar lives on the same origin as the tarball, so it only protects against in-transit tampering. For supply-chain protection — proving the bundle came from the AdCP release workflow and was not swapped for a malicious one even if the host were compromised — every released {version}.tgz is also published with a Sigstore detached signature.The signature is produced by the GitHub Actions release workflow using keyless OIDC: there is no long-lived AdCP signing key to leak. The certificate binds the signature to the workflow identity that issued it.
# Pull the tarball and the two signature sidecarscurl -OL https://adcontextprotocol.org/protocol/3.1.0.tgzcurl -OL https://adcontextprotocol.org/protocol/3.1.0.tgz.sigcurl -OL https://adcontextprotocol.org/protocol/3.1.0.tgz.crt# Verify (requires cosign 2.x — `brew install cosign`)cosign verify-blob \ --signature 3.1.0.tgz.sig \ --certificate 3.1.0.tgz.crt \ --certificate-identity-regexp '^https://github\.com/adcontextprotocol/adcp/\.github/workflows/release\.yml@refs/(heads|tags)/.*$' \ --certificate-oidc-issuer 'https://token.actions.githubusercontent.com' \ 3.1.0.tgz
cosign verify-blob exits non-zero if the signature was made by anything other than the AdCP release workflow, even if the SHA matches and TLS is valid. Use this in any pipeline that ingests the protocol bundle as an enforcement source. The @adcp/sdk, adcp-client-python, and adcp-go SDKs perform this verification automatically when the sidecars are present.The refs/(heads|tags)/.* wildcard is intentional — releases sign during the push-triggered workflow run, so the cert subject names the release branch (e.g. refs/heads/3.0.x for v3.0.1+, refs/heads/main for v3.0.0). The trust gate is upstream release.yml’s on.push.branches allowlist, not the consumer’s regex. Literal-allowlist regexes ((main|2\.6\.x)-style) silently break every time a new maintenance branch is added — see Verifying protocol tarballs for the full trust model and the cert-subject-by-release lookup.Older releases that predate signing, and versions republished out of band (bypassing the signing workflow), remain checksum-only — clients should treat missing sidecars as a “checksum-only” trust level rather than a verification failure.
Enumerates available protocols, specialisms, and universal storyboards
Declare supported_protocols (for protocol baselines) and specialisms (for narrow capability claims) in get_adcp_capabilities — the compliance runner executes the matching bundles to verify. See the full Compliance Catalog for every protocol and specialism an agent can claim.
For tools that don’t support $ref resolution, use bundled schemas with all references resolved inline. Bundled schemas are available from both the website and GitHub:
Bundled schemas are committed to the repository at dist/schemas/{VERSION}/bundled/:
# Clone and access locallygit clone https://github.com/adcontextprotocol/adcp.gitls adcp/dist/schemas/3.0.0/bundled/media-buy/# Or fetch directly via GitHub rawcurl https://raw.githubusercontent.com/adcontextprotocol/adcp/main/dist/schemas/3.0.0/bundled/media-buy/get-products-request.json
# Get the full semver of the published schema bundle.# (Note: `published_version` carries full semver including patch.# It's distinct from the per-request/response wire `adcp_version`# field defined in core/version-envelope.json, which uses# release-precision — never send `published_version` on the wire.)curl https://adcontextprotocol.org/schemas/v3/index.json | jq '.published_version'
Check Release Notes for version history and migration guides.
The AgenticAdvertising.org registry provides a public REST API for brand resolution, property resolution, agent discovery, and authorization validation. No authentication required.
Registry API Reference
Resolve brands, discover agents, and validate authorization via REST.
