What Is App-ads.txt and Why Should You Care
App-ads.txt is an IAB Tech Lab standard that lets mobile app publishers declare which ad networks, exchanges, and resellers are authorized to sell their ad inventory. It is the mobile app equivalent of the ads.txt standard used on websites, adapted for the unique way app inventory is bought and sold programmatically.
The problem it solves is straightforward: without app-ads.txt, fraudsters can impersonate your app in ad exchanges and sell fake impressions under your app's name. This is called domain spoofing or app spoofing, and it siphons advertiser budgets into fraudulent inventory while simultaneously depressing the eCPMs available for your legitimate impressions.
If you are a mobile game or utility app publisher running any form of programmatic advertising, implementing app-ads.txt is not optional. It is a baseline requirement that directly protects your revenue.
How App-ads.txt Prevents Ad Fraud
The mechanism is simple but effective. When an advertiser or demand-side platform (DSP) receives a bid request claiming to be from your app, they can verify that claim by checking your app-ads.txt file. If the ad network submitting the bid request is not listed in your file, the DSP knows the impression is unauthorized and can reject it.
The Verification Chain
- Your app listing in Google Play or the App Store contains a developer website URL.
- Your developer website hosts the app-ads.txt file at the root domain (e.g., example.com/app-ads.txt).
- DSPs and exchanges crawl this file regularly and build an authorization map.
- Bid requests are checked against this map. Unauthorized sellers are filtered out.
This creates a chain of trust from your app store listing to your authorized sellers that fraudsters cannot forge because they do not control your developer website domain.
The IAB Specification: What Goes in the File
Each line in an app-ads.txt file follows a specific format defined by the IAB Tech Lab. The format is identical to web ads.txt.
Line Format
Each entry contains four fields separated by commas:
- Domain: The canonical domain of the advertising system (e.g., google.com, applovin.com).
- Publisher account ID: Your unique account identifier within that advertising system.
- Relationship type: Either DIRECT (you have a direct account) or RESELLER (a third party resells your inventory through this system).
- Certification authority ID: An optional TAG (Trustworthy Accountability Group) ID that further validates the advertising system. For Google, this is always f08c47fec0942fa0.
Example Entries
A typical app-ads.txt file for a publisher using Google Ad Manager with several mediation partners might include lines like these:
- google.com, pub-XXXXXXXXXXXXXXXX, DIRECT, f08c47fec0942fa0 — Your direct Google Ad Manager or AdMob account.
- applovin.com, XXXXXXXXXX, DIRECT, XXXXXXXXXXXXXXXX — Your direct AppLovin account.
- unity.com, XXXXXXX, DIRECT, XXXXXXXXXXXXXXXX — Your direct Unity Ads account.
- inmobi.com, XXXXXXXXXX, RESELLER, XXXXXXXXXXXXXXXX — A reseller entry for a network that accesses your inventory indirectly.
Every ad network and mediation platform you work with should provide you with their specific app-ads.txt lines. Do not guess at account IDs or relationship types.
How to Create and Host Your App-ads.txt File
Step 1: Gather Your Authorized Seller Lines
Contact each ad network, SSP, and mediation partner you work with. Request their app-ads.txt entries for your account. Most major platforms provide these in their publisher dashboard. Google Ad Manager, AdMob, AppLovin MAX, Unity LevelPlay, and others all have dedicated sections where you can copy your lines.
Step 2: Create the File
Create a plain text file named exactly app-ads.txt (lowercase, no extensions other than .txt). Paste all the lines you collected, one entry per line. Lines starting with # are treated as comments.
Step 3: Host at Your Developer Website Root
Upload the file so it is accessible at https://yourdomain.com/app-ads.txt. This must be the exact domain listed as your developer website in your Google Play or App Store listing. Subdomains will not work unless they match exactly.
Step 4: Verify Your Developer Website URL
In Google Play Console, confirm that your developer website URL matches the domain where you hosted the file. In App Store Connect, verify the same under your developer information. This link is what allows verification systems to find your file.
Common Mistakes to Avoid
Even publishers who understand the concept often make implementation errors that undermine the protection app-ads.txt provides.
- Wrong domain: Hosting the file at a subdomain like www.example.com when your store listing says example.com, or vice versa. The domain must match exactly.
- Missing entries: Forgetting to list all your authorized sellers. If a legitimate network is missing, DSPs may filter out real impressions, directly reducing your fill rate and revenue.
- Stale file: Adding new ad networks to your mediation stack but forgetting to update app-ads.txt. Treat the file as a living document that must be updated whenever your monetization partners change.
- Wrong relationship type: Listing a reseller as DIRECT or vice versa. Use the exact relationship type your ad partner specifies.
- File encoding issues: The file must be UTF-8 encoded plain text served with a text/plain content type. HTML wrappers, BOM characters, or other encoding artifacts will cause parsing failures.
- HTTPS requirement: The file must be accessible over HTTPS. HTTP-only hosting will fail verification by most crawlers.
Google and AdMob Enforcement
Google has been the most aggressive enforcer of app-ads.txt compliance. Since 2020, Google Ad Manager and AdMob have progressively tightened enforcement to the point where not having a valid app-ads.txt file can significantly impact your revenue.
What Happens Without App-ads.txt
- Reduced demand: Many DSPs, including Google's own DV360, will not bid on inventory from apps without a valid app-ads.txt file. This directly reduces competition for your impressions and lowers eCPMs.
- Policy warnings: Google Play Console may flag your app with monetization policy warnings if you serve ads without proper app-ads.txt implementation.
- Lost revenue from spoofing: Without the file, fraudsters can sell fake versions of your inventory. Every dollar spent on spoofed impressions is a dollar that was not spent on your real impressions.
Critical note: Google periodically crawls app-ads.txt files and caches them. Changes can take 24 to 48 hours to propagate. Plan ahead when adding new demand sources so there is no gap in authorization.
Which Ad Networks to List
You should list every entity authorized to sell or resell your inventory. This typically includes:
- Your primary ad server: Google Ad Manager or AdMob (most publishers have at least one Google entry).
- Direct mediation partners: Any network where you have a direct publisher account (AppLovin, Unity, Meta Audience Network, Vungle/Liftoff, ironSource, Chartboost, InMobi, etc.).
- Resellers and exchanges: Networks that access your inventory through a mediation platform or SSP rather than a direct relationship with you.
- Managed service providers: If you use a service like RevenueFlex to manage your ad waterfall through Google Ad Manager, the relevant GAM entries will be provided as part of the setup.
Verifying Your Implementation
After publishing your app-ads.txt file, verify it using these methods:
- Direct URL check: Navigate to https://yourdomain.com/app-ads.txt in a browser. You should see the raw text file with all your entries.
- Google Ads Transparency Center: Google provides tools to verify that your app-ads.txt is being crawled and parsed correctly.
- Third-party validators: Tools from companies like AppBrain and Apptica can scan your file and flag formatting errors or missing common entries.
- Network dashboards: Most ad networks show an app-ads.txt status indicator in their publisher dashboard. Check each one to confirm it recognizes your authorization.
Impact on Revenue: The Numbers
Publishers who implement app-ads.txt correctly typically see measurable revenue improvements within weeks. The impact comes from two directions.
First, more demand competes for your inventory because DSPs that previously filtered you out now participate in auctions. This increased competition directly lifts eCPMs.
Second, advertiser budgets shift toward verified inventory as brands and agencies increasingly require app-ads.txt compliance in their targeting criteria. Premium demand that commands the highest CPMs is disproportionately concentrated among advertisers who enforce these standards.
App-ads.txt is one of the few monetization optimizations that costs nothing, takes less than an hour to implement, and has zero risk of negatively impacting user experience. If you have not set it up yet, do it today. If you have set it up, audit it quarterly to ensure it stays current. Your revenue depends on it.