oanor
Sign up free
Marketplace Pricing Features Sign in

API · /adstxt-api

ads.txt API

healthy 4,867 Subscribers

Fetch and evaluate any publisher's ads.txt / app-ads.txt — the IAB authorized-digital-sellers standard. Pass a domain and the check endpoint fetches its ads.txt server-side, then returns every seller record parsed into its fields — advertising system, the publisher's seller/account id, the DIRECT or RESELLER relationship and the optional certification-authority id (TAG-ID) — alongside counts (direct, reseller, distinct ad systems) and the declared variables OWNERDOMAIN, MANAGERDOMAIN, CONTACT and SUBDOMAINS. The verify endpoint answers the one question programmatic-advertising integrations actually ask: is this advertising system, with this publisher id, authorized to sell this domain's inventory? — returning an authorized boolean and the matching records. A missing file is reported as found:false (not an error), and soft-404 HTML pages are detected and rejected so you never parse a "page not found" as records. The request is made server-side and private or internal targets are refused (SSRF-guarded). Built for ad-tech supply-chain verification, SSP/DSP onboarding checks, anti-fraud and inventory audits. An ads.txt seller-authorization checker — distinct from the security-contact file reader (securitytxt), the robots.txt crawlability evaluator (robots) and the sitemap parser (sitemap). No upstream key, no cache.

#ads-txt #adtech #advertising #seller-verification #web #developer-tools
api.oanor.com/adstxt-api
Get an API key Try in playground → Contact provider

Machine-readable spec so AI agents can integrate this API.

/api/adstxt-api/openapi.json
/api/adstxt-api/llms.txt

Discovery: GET /api/index.json lists every API.

API health

healthy
Uptime
100.00%
Server probes · 24h
Avg latency
166 ms
Server probes · 24h
Subscribers
4,867
active
Total calls
3
last 7 days
status Full status page → · 6 probes/24h

Pricing

Pick a tier — billed monthly, cancel anytime.

Free

Free

  • 2,090 calls / month
  • 2 requests / second
  • Hard cap (429 above quota, no overage)
  • 2,090 calls/month
  • 2 req/sec
  • Check + verify
  • No credit card
Sign in to subscribe

Starter

€6.15 /month

  • 40,000 calls / month
  • 8 requests / second
  • Hard cap (429 above quota, no overage)
  • 40k calls/month
  • 8 req/sec
  • Full record + variable parsing
  • Email support
Sign in to subscribe

Pro

€20.25 /month

  • 212,000 calls / month
  • 20 requests / second
  • Hard cap (429 above quota, no overage)
  • 212k calls/month
  • 20 req/sec
  • Supply-chain verification pipelines
  • Priority support
Sign in to subscribe

Mega

€52.60 /month

  • 808,000 calls / month
  • 50 requests / second
  • Hard cap (429 above quota, no overage)
  • 808k calls/month
  • 50 req/sec
  • Ad-tech platform scale
  • Dedicated SLA
Sign in to subscribe

Built by

P
PremiumApi

Related APIs

Other APIs with overlapping tags.

Sitemap API

Fetch and parse an XML sitemap (the sitemaps.org protocol). Pass a sitemap URL and the parse endpoint fetches it — following redirects and transparently gunzipping .gz sitemaps — and returns its type: a urlset with every URL and its lastmod, changefreq and priority, or a sitemapindex listing the child sitemaps, with offset/limit paging for large files. The urls endpoint goes further: when the sitemap is an index it fetches the child sitemaps too and flattens every page URL into a single list, with a configurable cap on URLs and child sitemaps and a truncated flag so you stay in control. The request is made server-side and private or internal targets are refused (SSRF-guarded). Built for SEO audits, building crawl queues and content inventories, change monitoring and migration checks. A sitemap fetcher and parser — distinct from generic XML-to-JSON conversion (xml), the robots.txt evaluator (robots) and the on-page SEO audit (seo). No upstream key, no cache.

api.oanor.com/sitemap-api

robots.txt API

Fetch and evaluate any website's robots.txt. Pass a URL and a user-agent and the check endpoint tells you whether that URL is crawlable — selecting the most-specific user-agent group and applying the RFC 9309 longest-match Allow/Disallow rules (with * and $ wildcards, where Allow wins ties), and returning the matched rule, the group's crawl-delay and the sitemaps the site declares. The parse endpoint returns the whole file structured into per-user-agent groups (their allow and disallow lists and crawl-delay) plus the list of sitemaps. A missing robots.txt (404/403) means everything is allowed, exactly as the spec requires. The request is made server-side and private or internal targets are refused (SSRF-guarded). Built for SEO audits, crawler and scraper compliance, sitemap discovery and pre-flight "am I allowed to fetch this?" checks. A robots.txt evaluator — distinct from the on-page SEO audit (seo), the XML toolkit (xml) and link unfurling/preview (url). No upstream key, no cache.

api.oanor.com/robots-api

Subresource Integrity API

Generate Subresource Integrity (SRI) hashes for any web asset, so browsers can verify that a CDN-hosted script or stylesheet has not been tampered with. Pass a URL and the service fetches the asset and returns its sha256, sha384 and sha512 SRI hashes, the chosen integrity value (sha384 by default, or pass your preferred algorithm), the asset's size and content type, and a ready-to-paste <script> or <link> tag complete with the integrity and crossorigin attributes. A verify endpoint re-fetches the asset and tells you whether it still matches a known integrity string — catching silent CDN changes or supply-chain tampering before your users hit them. The request is made server-side; private and internal targets are refused (SSRF-guarded). Built for securing third-party scripts, supply-chain hardening, build pipelines and CSP/SRI compliance. A Subresource Integrity generator and verifier — distinct from raw cryptographic hashing of input data (hash), the HTTP security-header grader (secheaders) and the SSL/TLS certificate check (sslcheck). No upstream key, no cache.

api.oanor.com/sri-api

security.txt API

Fetch and parse any domain's RFC 9116 security.txt — the machine-readable file at /.well-known/security.txt that tells security researchers how to report vulnerabilities. Pass a domain and the service locates the file (the canonical .well-known path with a legacy root fallback), parses every field — Contact, Expires, Encryption, Acknowledgments, Preferred-Languages, Canonical, Policy, Hiring and CSAF — and reports whether it is valid (has at least one Contact and a single, non-expired Expires), whether it is PGP-signed, whether it has expired (with the number of days remaining) and a list of issues with concrete advice. A companion endpoint returns the raw file. The request is made server-side; private and internal targets are refused (SSRF-guarded). Built for security audits, vendor and third-party risk assessment, attack-surface reviews and vulnerability-disclosure-policy compliance checks. A security.txt parser and validator — distinct from the HTTP security-header grader (secheaders), the SSL/TLS certificate check (sslcheck) and host reachability (hostcheck). No upstream key, no cache.

api.oanor.com/securitytxt-api

Frequently asked questions

Quick answers about pricing, quotas, and integration.

How do I get an API key for ads.txt API?
Sign up for free at oanor.com, generate an API key from the developer dashboard, and call ads.txt API with the x-oanor-key header. No credit card needed for the free tier.
What's the rate limit for ads.txt API?
Free tier allows 1 request per second. Paid plans scale up to 50 requests per second on the Mega tier. Hard limits return HTTP 429 above the quota — no surprise overage charges.
How much does ads.txt API cost?
ads.txt API has a free tier with 100 calls / month. Paid plans start at €6.15 / month with higher quotas and faster rate limits.
Can I cancel my subscription anytime?
Yes. Plans are billed monthly and you can cancel anytime from your billing dashboard. No long-term contracts and no cancellation fee.
Is ads.txt API GDPR-compliant?
All requests to ads.txt API go through our EU-based gateway. Your upstream API key never leaves our server and no personal data is shared with the upstream provider beyond the request you send.

Pick an endpoint from the list on the left to see its details and try it.

Code snippets

Sign up to get an API key, then call any path under your slug.

curl https://api.oanor.com/adstxt-api/SOME_PATH \
  -H "x-oanor-key: oanor_test_..."
const res = await fetch("https://api.oanor.com/adstxt-api/SOME_PATH", {
  headers: { "x-oanor-key": "oanor_test_..." }
});
const data = await res.json();
$ch = curl_init("https://api.oanor.com/adstxt-api/SOME_PATH");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, ["x-oanor-key: oanor_test_..."]);
$response = curl_exec($ch);
import requests
r = requests.get(
    "https://api.oanor.com/adstxt-api/SOME_PATH",
    headers={"x-oanor-key": "oanor_test_..."},
)
print(r.json())

Ratings

Sign in to rate.

No reviews yet.

Discussion

Ask questions, share usage tips, get answers from the provider and other developers. Public — anyone can read.

Sign in to start a thread or reply.

Sign in

New thread

/ 4000

📌 Pinned 🔒 Locked

·

· ·

/ 4000

🔒 This thread is locked — no new replies.

  • No threads yet — start the discussion.

Support

Private 1:1 support with the provider — billing questions, integration issues, account problems. Only you and the provider team can see these threads.

Sign in to open a support ticket.

Sign in

Open new ticket

Describe what you need help with. The provider team gets an email and replies on the ticket page.

  • No tickets yet for this API.

Subscription active — calls can start immediately.

Send your first request —

Subscription active — copy a snippet and fire off your first call.