sync_plans
Experimental. Campaign governance (
sync_plans, check_governance, report_plan_outcome, get_plan_audit_logs) is part of AdCP 3.0 as an experimental surface — it may change between 3.x releases with at least 6 weeks’ notice. Sellers implementing it MUST declare governance.campaign in experimental_features. See experimental status for the full contract.Request
Response
How it works
Plans originate in external systems — an agency’s planning tool, a brand’s budget system, an insertion order.sync_plans pushes them to the governance agent so it knows what to validate against.
Syncing a plan that already exists (same plan_id) updates it. The governance agent increments the version and re-evaluates any active campaigns against the updated rules. This handles mid-flight amendments like budget increases or channel additions. Content-standards versions follow a separate pinned-at-buy rule — see content standards versioning.
Multiple campaigns (identified by governance_context in check_governance and report_plan_outcome) can reference the same plan. The governance agent tracks budget across all campaigns tied to a plan.
The plan specifies campaign context — budget, channels, flight dates, and authorized markets. The governance agent resolves applicable policies from the brand’s compliance configuration, but plans can also reference registry policies directly via policy_ids and include campaign-specific rules via custom_policies. This supports both centralized policy management (brand-level) and campaign-specific overrides when the buying team needs additional requirements for a particular campaign.
countries and regions serve two purposes:
- Geo enforcement — The governance agent rejects governed actions targeting outside the plan’s markets. A plan with
regions: ["US-MA"]blocks actions that don’t explicitly target Massachusetts. - Policy resolution — The agent finds all policies whose jurisdictions overlap with the plan’s markets. A plan with
countries: ["US"]is subject to all US federal and state-level policies. A plan with onlyregions: ["US-MA"]is subject to Massachusetts-specific and federal policies.
product-filters, offerings, and create_media_buy — ensuring consistent geo vocabulary across the protocol. A pharma campaign running nationally uses countries: ["US"]; a cannabis campaign limited to legal states uses regions: ["US-CO", "US-CA", "US-MA"].
Plan-hash preimage
Each plan item a buyer supplies here is the preimage the governance agent hashes to produce theplan_hash audit-layer claim carried in every signed governance_context. Canonicalization rules, the closed bookkeeping exclusion list, retention obligations, and the full set of reference test vectors are specified in Plan binding and audit. Governance-agent implementers SHOULD run their hashing code against the eleven vectors under static/compliance/source/test-vectors/plan-hash/ before shipping.
Fields
Request
Response
Audience constraints
Plans can declare audience targeting constraints using theaudience field. Each constraint is an audience selector — either a reference to a specific signal or a natural language description.
Signal reference — points to a specific signal in a data provider’s published signal definitions:
check_governance. Signal references enable structural matching; descriptions require semantic comparison.
Restricted attributes
Therestricted_attributes field declares personal data categories that must not be used for targeting. Values are GDPR Article 9 special categories: racial_ethnic_origin, political_opinions, religious_beliefs, trade_union_membership, health_data, sex_life_sexual_orientation, genetic_data, biometric_data.
The governance agent matches these against signal definitions that declare their own restricted_attributes. Signals with matching attributes are blocked from targeting. For signals without declared attributes, the governance agent falls back to semantic inference from the signal name and description.
Policy categories
Thepolicy_categories field declares which regulatory regimes apply. Categories are defined in the policy registry and group related regulations — for example, children_directed covers COPPA, UK AADC, and GDPR Article 8.
Policy categories are distinct from brand.industries. Industries describe what a company does; policy categories describe what regulatory regimes apply to a specific campaign. A pharmaceutical company (industries: ["pharmaceuticals"]) running a general awareness campaign might not need pharmaceutical_advertising as a policy category if the campaign doesn’t promote specific drugs.
Error codes
Related tasks
check_governance— Validate actions against this planreport_plan_outcome— Report outcomes back to update plan stateget_plan_audit_logs— View plan state and audit trail