Skip to main content
Ask a brand-agent a verification question about a facet of its identity. This is a prerequisite gate — check before you proceed, not a signal you consume after a decision is locked in. One tool with four claim types covers the verification dimensions: The brand-agent answers using its own data — which is brand.json plus the richer states (pending_review, transferring, licensed_in, etc.) that the static file can’t express. The tool is one specific-question affordance on top of the same identity surface get_brand_identity reads. For high-volume verification (portfolio refresh, creative-clearance batches, crawler scans), use the bulk variant verify_brand_claims — same per-claim semantics, one round-trip and one rate-limit slot for the whole batch.

The trust rule — two calls, not one

A single signed owned response is NOT trust-extending. Mutual assertion remains the floor for positive trust. This is the load-bearing rule of the asymmetric trust model — assertion direction requires both sides to agree. Consumers MUST call both sides when extending relationship trust:
  • For subsidiary claims, also call the leaf’s brand-agent with claim_type: "parent" (or crawl the leaf’s brand.json for its house_domain).
  • For property claims, cross-check against the brand’s static brand.json properties[] and (for domains) DNS/TLS evidence.
  • For trademark claims, cross-check the public registry record. For licensed_in specifically, the licensor named in details.licensor_domain SHOULD reciprocate licensed_out for the same mark before the licensing relationship is trusted.
  • Only rejections (disputed / not_ours) are authoritative on a single signed response — a brand has standing to refuse association unilaterally.
Shortcuts kill the trust model. Without the reciprocation step, a malicious or mistaken house could claim subsidiaries, properties, or licensed marks it doesn’t actually have. See brand.json § Agent-augmented verification for the full normative trust table and the malicious-house walkthrough.

Schema

Capability discovery

The brand-agent advertises this task in its get_adcp_capabilities response. An agent that supports only some claim types declares this via the per-tool capability extension:
When supported_claim_types is omitted, the agent advertises support for all four. Consumers MUST check before relying on a specific claim type; unsupported types return UNSUPPORTED_CLAIM_TYPE (see Error handling).

Minimum viable adoption

A brand-agent doesn’t have to ship all four claim types at once. Pick the slice that matches the workflow:
  • Property only — creative-clearance and inventory-onboarding consumers; the smallest useful surface.
  • Subsidiary + parent — partners doing brand-relationship establishment or governance-trust extension; ship both halves at once so mutual assertion completes at the agent layer.
  • Trademark only — creative-clearance pipelines that need licensee posture (the differentiator from registry crawls).
  • All four — full coverage; recommended for AAO-hosted agents serving many member configurations.
Advertise only the types you implement. Partners check supported_claim_types and route accordingly; unsupported types return UNSUPPORTED_CLAIM_TYPE cleanly.

Authorization tiers

The public/authorized split per claim type: Queue position, internal ticket state, and team routing are never exposed.

Per-claim-type request and response shapes

The details field on the response varies by claim_type. Below: the request payload and the typed details fields each claim type returns.

claim_type: "subsidiary"

House-side: a consumer detects converse.com claiming house_domain: nikeinc.com. Asks Nike’s agent:
The brand can also reject — rejection direction is authoritative on a single signed response, no reciprocation required:
Applicable statuses: owned, pending_review, transferring, disputed, not_ours, archived, unknown. (licensed_in / licensed_out don’t apply — subsidiaries aren’t licensed; brands and trademarks are.) archived means the brand once held this subsidiary (e.g., a divested business unit) but no longer does — distinct from not_ours (never owned). Request claim fields: Response details fields:

claim_type: "parent" (leaf-side mirror)

Leaf-side: a consumer wants the leaf’s authoritative answer about its parent. Asks Converse’s agent:
The leaf can also actively reject:
Applicable statuses: same as subsidiary (mirror). Request claim fields: Response details fields: When both verify_brand_claim with claim_type: "subsidiary" (on the house) AND with claim_type: "parent" (on the leaf) return owned for the same relationship, mutual assertion is established at the agent layer — no static-file crawl required. This is the cleanest path for trust extension.

claim_type: "property"

The request asks about one property; the response describes the brand’s relationship with that property, including all regions where the relationship applies (which may exceed the one named in the query).
A property that spans multiple regions (e.g., a global e-commerce surface) returns all of them:
The brand can also reject — rejection direction is authoritative on a single signed response:
Applicable statuses: owned, transferring, disputed, not_ours, archived, unknown. (pending_review is uncommon for properties; use transferring for in-flight ownership changes.) archived means the brand once operated this property (e.g., a sold-off domain) but no longer does. Request claim fields: Response details fields:

claim_type: "trademark"

licensed_in reciprocation. Consumers SHOULD treat licensed_in as unverified until the named licensor_domain’s brand-agent reciprocates licensed_out for the same mark (same mutual-assertion shape as ownership, just across the licensing edge). Without reciprocation, the brand could unilaterally claim a licensed relationship that doesn’t exist. The brand can also reject — rejection direction is authoritative on a single signed response:
Applicable statuses: owned, licensed_in, licensed_out, transferring, disputed, not_ours, archived, unknown. (pending_review is uncommon — trademark registrations are public-record events with definitive ownership at any given time.) archived means the brand once held this mark (expired, cancelled, transferred to another party) but no longer does. details fields:

Trust model

The agent’s response is signed under the brand’s adcp_use: "response-signing" JWK. This is a payload-envelope JWS — the signature lives inside the response body, distinct from RFC 9421 §2.2.9 transport response signing (which AdCP 3.x does not define). verify_brand_claim is on the spec’s designated-task response-signing list; response signing on tasks outside that list is forbidden. The signature attests authorship of the response payload under the brand’s published key during the envelope’s iat/exp window; it is not a non-repudiation receipt and does not bind the brand to assertions beyond the direction-asymmetric semantics below. The required signed_response envelope binds the response to the designated task, resolved brand_domain, responding agent_url, caller identity, request payload, and freshness window. Verifiers that rely on the signature MUST validate the envelope against response-payload-jws-envelope.json, reject expired envelopes for online decisions, and reject any mismatch between unsigned task-body fields and signed_response.payload.response. The trust model is direction-asymmetric:
  • Rejection direction (agent says disputed / not_ours) is authoritative. A brand can refuse association unilaterally; no mutual reciprocation required.
  • Assertion direction (agent says owned / pending_review / transferring / licensed_*) is informative but NOT trust-extending on its own. The reciprocating side must still confirm before trust extends.
When both the house-side and leaf-side agents speak (via claim_type: "subsidiary" and claim_type: "parent" respectively), mutual assertion is established at the agent layer. When only one side has an agent, fall back to crawl-based mutual-assertion inference per brand.json § Mutual-assertion trust model. See brand.json § Agent-augmented verification for the full trust table and the malicious-house walkthrough.

Caching

Per-status:
  • owned / not_ours / disputed — stable. 24-72h.
  • pending_review — volatile. Max-age ≤1h.
  • transferring — volatile until transition. Max-age ≤4h.
  • licensed_in / licensed_out — moderately volatile. 24h.
  • use_case_authorization — most volatile. Re-check per session.
  • unknown — short cache (≤1h).
Agents SHOULD set Cache-Control: max-age=N. Consumers MAY override downward but SHOULD NOT exceed agent-supplied max-age. Agents SHOULD set signed_response.payload.exp no later than the HTTP freshness lifetime implied by Cache-Control: max-age. Consumers using the signed response for online decisions MUST use the earlier of the HTTP cache expiry and the signed exp; after that point the envelope remains audit evidence only, not a fresh authorization signal.

Error handling