Google Ad Manager uses the GPT SDK to collect and send secure signals for web ad requests. For mobile apps and video inventory, an adapter from the secure signal provider or Google Ad Manager is typically required to integrate with the GMA and IMA *SDKs, respectively.
However, when publishers need to manage and build their own ad requests for mobile apps or video, particularly for CTV, they are also responsible for collecting and including these secure signals in those requests.
Requirements
- Structure your signals in a JSON object
- Encode the JSON object
- Append the encoded signal to your ad request URL
- (Optional) Implement a caching mechanism
- Configure signal sharing in Google Ad Manager
When a publisher constructs their own ad request, the following steps must be performed in order to collect and include their desired secure signals:
1. Structure your signals in a JSON object
First, you need to collect the secure signal data and format it into a JSON object. This JSON should represent all the signals you want to send. A secure signal can be either:
- Third-party generated:Signals defined by an external provider. In the JSON, you'll specify the
source(the provider's ID), thedata(the output from their library), and setisPubCreatedtofalse. - Publisher-created (custom):Signals defined by the publisher. For these, the
sourceis your Google Ad Manager network code, thedatais your custom signal, andisPubCreatedistrue.
Here's an example of what this JSON object would look like:
JSON
, including two signals, one provided by a third-party signal provider named SOURCE1
, and a second signal which is a publisher custom secure signal named 123 after the publisher network code. DATA1
is obtained from a function supplied by the SOURCE1
signal provider, DATA2
is obtained from a function created by the publisher:{
"signals": [
{
"source": "SOURCE1",
"data": "DATA1",
"isPubCreated": false
},
{
"source": "123",
"data": "DATA2",
"isPubCreated": true
} ]
}
Signal "source": "SOURCE1"
is a third-party generated signal
-
sourceis the third-party IDP'ssource_id(as shared by the provider during registration – for example: “liveramp.com”, “uidapi.com”, “pubcid.org”) -
datais output of the signal provider's library and the core payload of the signal. -
isPubCreatedis set tofalse
Signal "source": "123"
is a publisher created Custom Secure signals
-
sourceis the publisher'snetwork code -
datais the publisher created signal that a bidder should be able to decode. The signal must be obfuscated before being sent to Google. -
isPubCreatedis set totrue
There are a number of methods publishers can take to convert an object to a string, depending on their needs and capabilities. One popular method is JSON.stringify()
, which is the function specifically designed to serialize a JavaScript object into a JSON string. This string is a precise, text-based representation of your data, ready for transmission.
After JSON.stringify()
{"signals":[{"source":"SOURCE1","data":"DATA1","isPubCreated":false},{"source":"123","data":"DATA2","isPubCreated":true}]}
2. Encode the JSON object
Once you have your json
string, you must convert it into Base 64 Encoding with URL and Filename Safe Alphabet
that can be safely appended to an ad request URL for transmission.
eyJzaWduYWxzIjpbeyJzb3VyY2UiOiJTT1VSQ0UxIiwiZGF0YSI6IkRBVEExIiwiaXNQdWJDcmVhdGVkIjpmYWxzZX0seyJzb3VyY2UiOiIxMjMiLCJkYXRhIjoiREFUQTIiLCJpc1B1YkNyZWF0ZWQiOnRydWV9XX0
3. Append the Encoded signal to your ad request URL
Finally, you will construct your ad request URL
and include the encoded string as the value for the ssj
parameter. The ssj
parameter is specifically designed for carrying this publisher-created, secure signal JSON object.
The final URL would look similar to this:
https://pubads.g.doubleclick.net/gampad/ads?iu=/12345678/video&description_url=...&ssj=your_Base64_encoded_string
4. (Optional) Implement a caching mechanism
For server-side secure signal implementations, implementing a caching mechanic can mitigate against latency. While not required, the responsibility for implementing and managing this caching falls to the publisher. Your implementation would require the following steps:
- Generate a signal:Create your secure signal JSON object.
- Store the signal:Implement a mechanism to store the encoded signal string (for example, in a server-side cache, database, or a local cache on the client device). The choice of storage method sits with the publisher.
- Set an expiration time:Decide on a reasonable duration for which the signal remains valid. This duration should be long enough to cover multiple ad requests but short enough to ensure the signal doesn't become outdated.
- Retrieve and use:When a new ad request is needed, your system would first check the cache. If a valid, non-expired signal exists, it's retrieved and appended to the ad request URL. If the signal is expired or doesn't exist, a new one is generated, used, and then cached for future use.
5. Configure signal sharing in Google Ad Manager
Finally, in Google Ad Manager you will need to ensure your secure signals can be shared with bidders and curation partners, which you can do so following the summary steps below.
- Sign in to Google Ad Manager.
- Navigate to Admin, then Global Settings, then Ad Exchange account settings.
- Click the toggle to accept terms and conditions for "Secure signal sharing".
-
Navigate to Inventory, then Secure Signals, and ensure the deployment method currently located in the "Web integration deployment" column is set to "Publisher deploy" for the relevant signal(s).
Note: If you also use the Prebid UserID module to send the same signals on web GPT-based requests, this method will continue to function as expected. - Navigate to Delivery, then Demand Channel Settings, and ensure secure signals are allowed to be sent to all or selected Authorized Buyers and Open Bidding partners.
For details, refer to Share secure signals with bidders and curation partners .
