# Accounts & Security

> AdCP accounts and security — authentication, rate cards, billing entities, and data isolation for multi-tenant media buying between buyer and seller agents.

An **Account** represents a billing relationship between a buyer and a seller in AdCP. Sales agents use accounts to determine pricing (rate cards), billing entities, and to enforce data isolation between different buyers.

## Authentication

All requests must be authenticated using a bearer token in the standard `Authorization` header:

```
Authorization: Bearer <your_token>
```

The server validates this token and identifies the **agent** making the request. The agent may have access to one or more accounts.

See [Authentication](/docs/building/integration/authentication) for details on obtaining credentials and authentication methods.

### Agents and Accounts

AdCP distinguishes between:

* **Agent**: The authenticated entity making API calls (e.g., `"pinnacle_trading_desk"`)
* **Account**: The billing relationship for a media buy (e.g., `"acme_c/o_pinnacle"`)

An agent may operate on multiple accounts. For example, an agency trading desk might manage accounts for multiple advertisers and their own house account. See [Accounts and Agents](/docs/building/integration/accounts-and-agents) for details.

## Data Isolation

Authentication provides the foundation for strict data isolation. Sales agents **MUST** enforce the following rules:

1. When an object like a `MediaBuy` is created, it **MUST** be permanently associated with the account used for that request.
2. For any subsequent request to read or modify that object, the server **MUST** verify that the agent has access to that account.
3. If the agent does not have access, the server **MUST** return a permission denied error.

This model ensures that one account's data cannot be accessed by agents who lack authorization. Passing an `account_id` for an account you don't have access to will result in an error.
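The three rules above, plus the token validation and failure logging required further down, fit in one small reference implementation. The following is an added example written for this page, not code from the AdCP project; the token table, the agent-to-account mapping (`pinnacle_trading_desk` managing `acme_c/o_pinnacle` and an assumed `pinnacle_house` account, plus an assumed `other_agency`), the `MediaBuy` shape and the function names are all constructed for illustration. It shows the two-step check (authenticate the token to an agent, then authorize the agent against the account) and, on reads, decides access from the `account_id` stored with the object rather than anything the caller supplies, which is the IDOR defence the page points to.

```python
from __future__ import annotations

import hashlib
import logging
from dataclasses import dataclass

log = logging.getLogger("adcp.sales_agent.auth")

# --- Constructed sample data (example only, not real AdCP credentials) ---
# Bearer tokens are kept only as SHA-256 digests: a leaked table yields no
# usable tokens, and a dict lookup by digest avoids a byte-by-byte string
# comparison against the raw token.
TOKEN_DIGESTS = {
    hashlib.sha256(b"tok_pinnacle_example").hexdigest(): "pinnacle_trading_desk",
    hashlib.sha256(b"tok_other_example").hexdigest(): "other_agency",
}

# Assumed agent -> accounts mapping: the page's example agent manages an
# advertiser account plus its own house account.
AGENT_ACCOUNTS = {
    "pinnacle_trading_desk": {"acme_c/o_pinnacle", "pinnacle_house"},
    "other_agency": {"widgetco_c/o_other"},
}


class AuthenticationError(Exception):
    """Missing, malformed or unknown bearer token."""


class PermissionDenied(Exception):
    """Authenticated agent has no access to the requested account or object."""


@dataclass(frozen=True)
class MediaBuy:
    media_buy_id: str
    account_id: str  # fixed at creation (rule 1); frozen so it cannot be reassigned
    name: str


MEDIA_BUYS: dict[str, MediaBuy] = {}


def authenticate(authorization: str | None) -> str:
    """Resolve an `Authorization: Bearer <token>` header to an agent id."""
    if not authorization or not authorization.startswith("Bearer "):
        log.warning("auth failure: missing or malformed Authorization header")
        raise AuthenticationError("bearer token required")
    token = authorization[len("Bearer "):].strip()
    digest = hashlib.sha256(token.encode("utf-8")).hexdigest()
    agent = TOKEN_DIGESTS.get(digest)
    if agent is None:
        # Log a digest prefix for correlation, never the token itself.
        log.warning("auth failure: unknown token (sha256 prefix %s)", digest[:12])
        raise AuthenticationError("invalid token")
    return agent


def authorize_account(agent: str, account_id: str) -> None:
    """Second step: the authenticated agent must be allowed to act on the account."""
    if account_id not in AGENT_ACCOUNTS.get(agent, set()):
        log.warning("permission denied: agent=%s account=%s", agent, account_id)
        raise PermissionDenied(f"{agent} has no access to account {account_id}")


def create_media_buy(authorization: str | None, account_id: str, name: str) -> MediaBuy:
    agent = authenticate(authorization)
    authorize_account(agent, account_id)  # caller-supplied account is checked here
    media_buy = MediaBuy(f"mb_{len(MEDIA_BUYS) + 1}", account_id, name)
    MEDIA_BUYS[media_buy.media_buy_id] = media_buy  # permanently bound to account_id
    return media_buy


def get_media_buy(authorization: str | None, media_buy_id: str) -> MediaBuy:
    agent = authenticate(authorization)
    media_buy = MEDIA_BUYS.get(media_buy_id)
    # Access is decided on the account stored with the object (rule 2), never on
    # anything in the request. An unknown id gets the same permission-denied
    # response as a foreign one so replies do not reveal which ids exist
    # (a design choice here; the page only requires permission denied).
    if media_buy is None:
        log.warning("permission denied: agent=%s media_buy=%s (unknown)", agent, media_buy_id)
        raise PermissionDenied(f"{agent} has no access to media buy {media_buy_id}")
    authorize_account(agent, media_buy.account_id)
    return media_buy


def run_demo() -> list[str]:
    """Exercise the rules; returns one outcome label per scenario."""
    MEDIA_BUYS.clear()
    mb = create_media_buy("Bearer tok_pinnacle_example", "acme_c/o_pinnacle", "Q3 video")
    outcomes = [f"created:{mb.media_buy_id}:{mb.account_id}"]
    scenarios = [
        ("owner_read", lambda: get_media_buy("Bearer tok_pinnacle_example", mb.media_buy_id)),
        ("foreign_read", lambda: get_media_buy("Bearer tok_other_example", mb.media_buy_id)),
        ("foreign_create", lambda: create_media_buy("Bearer tok_other_example", "acme_c/o_pinnacle", "x")),
        ("bad_token", lambda: get_media_buy("Bearer not-a-real-token", mb.media_buy_id)),
        ("no_header", lambda: get_media_buy(None, mb.media_buy_id)),
    ]
    for label, action in scenarios:
        try:
            action()
            outcomes.append(f"{label}:ok")
        except PermissionDenied:
            outcomes.append(f"{label}:denied")
        except AuthenticationError:
            outcomes.append(f"{label}:unauthenticated")
    return outcomes
```

`run_demo()` walks the cases a reviewer would want to see: the owning agent reads its own media buy, a different agent is refused both the read and an attempt to create on that account, and a bad or missing token fails before any account logic runs. In a real sales agent the `MEDIA_BUYS` dict would be a table whose every query is scoped by the caller's accessible accounts (row-level security), so an ownership check cannot be forgotten on a new endpoint.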

## Security Requirements

For the full normative implementation reference — two-step authorization, row-level security, IDOR defense, and the wider security posture (webhooks, idempotency, signed governance context) — see [Security — Agent and Account Isolation](/docs/building/implementation/security#agent-and-account-isolation).

### Required Security Measures

Sales agent implementations **MUST**:

* Validate bearer tokens on every authenticated request
* Enforce account-based data isolation
* Use TLS for all communications
* Log authentication failures for security monitoring

### Recommended Security Measures

Sales agent implementations **SHOULD**:

* Implement rate limiting per agent and account
* Support token expiration and refresh
* Provide audit logging for compliance
* Support IP allowlisting for high-security accounts
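"Per agent and account" is easy to read as a single key; the useful shape is two tiers, so a burst on one account cannot consume the whole agent's budget and the agent as a whole still has a ceiling. The following token-bucket limiter is an added example for this page, not AdCP project code; the rates, burst sizes, the injectable clock and the `simulate()` scenario are constructed for illustration.

```python
from __future__ import annotations

import time
from dataclasses import dataclass
from typing import Callable, Hashable


@dataclass
class _Bucket:
    tokens: float   # current allowance
    updated: float  # clock reading at last refill


class RateLimiter:
    """Two-tier token bucket: one bucket per agent, one per (agent, account).

    A request is admitted only if both buckets hold a token, so a single
    noisy account is throttled on its own bucket while the agent-wide bucket
    caps the agent's total traffic across all of its accounts.
    """

    def __init__(self, agent_rate: float, agent_burst: float,
                 account_rate: float, account_burst: float,
                 clock: Callable[[], float] = time.monotonic) -> None:
        self.agent_rate, self.agent_burst = agent_rate, agent_burst
        self.account_rate, self.account_burst = account_rate, account_burst
        self._clock = clock
        self._buckets: dict[Hashable, _Bucket] = {}

    def _refilled(self, key: Hashable, rate: float, burst: float, now: float) -> _Bucket:
        bucket = self._buckets.get(key)
        if bucket is None:
            bucket = self._buckets[key] = _Bucket(tokens=burst, updated=now)
        # Continuous refill since last touch, capped at the burst size.
        bucket.tokens = min(burst, bucket.tokens + (now - bucket.updated) * rate)
        bucket.updated = now
        return bucket

    def allow(self, agent: str, account_id: str) -> bool:
        now = self._clock()
        agent_bucket = self._refilled(("agent", agent), self.agent_rate, self.agent_burst, now)
        acct_bucket = self._refilled(("account", agent, account_id),
                                     self.account_rate, self.account_burst, now)
        if agent_bucket.tokens >= 1 and acct_bucket.tokens >= 1:
            agent_bucket.tokens -= 1
            acct_bucket.tokens -= 1
            return True
        return False  # caller maps this to an HTTP 429 and logs it


class _FakeClock:
    """Deterministic clock for the simulation (constructed for this example)."""

    def __init__(self) -> None:
        self.now = 0.0

    def __call__(self) -> float:
        return self.now


def simulate() -> list[bool]:
    """Agent-wide burst of 5 and per-account burst of 2, both refilling 1 token/s."""
    clock = _FakeClock()
    limiter = RateLimiter(agent_rate=1.0, agent_burst=5, account_rate=1.0,
                          account_burst=2, clock=clock)
    agent = "pinnacle_trading_desk"
    results = [
        limiter.allow(agent, "acme_c/o_pinnacle"),   # account A: 1st of 2
        limiter.allow(agent, "acme_c/o_pinnacle"),   # account A: 2nd of 2
        limiter.allow(agent, "acme_c/o_pinnacle"),   # account A bucket empty -> refused
        limiter.allow(agent, "pinnacle_house"),      # account B: admitted
        limiter.allow(agent, "pinnacle_house"),      # account B: admitted
        limiter.allow(agent, "account_c"),           # account C: admitted, agent bucket now 0
        limiter.allow(agent, "account_c"),           # account C has tokens, agent-wide cap hit
    ]
    clock.now += 1.0  # one second passes: every touched bucket gains one token
    results.append(limiter.allow(agent, "account_c"))         # admitted again
    results.append(limiter.allow(agent, "acme_c/o_pinnacle")) # agent bucket spent -> refused
    return results
```

The third and seventh refusals in `simulate()` are the two different limits firing: the first is the per-account bucket, the second is the agent-wide bucket while the account itself still has allowance. Keying the account tier on `(agent, account_id)` rather than `account_id` alone matters when several agents legitimately share an account, as with an advertiser and its agency; one of them hitting the limit should not block the other.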
