adlibrary.com Logoadlibrary.com
Share
Platforms & Tools,  Competitive Research

EU DSA Ad Repositories: What Developers Can Actually Pull

Every DSA ad repository mapped for developers: Article 39 fields, platform APIs, EU-only scoping traps, and how to combine them with commercial ad data.

EU DSA ad repository archive of ads flowing from platforms into a searchable database

Brussels did something quietly useful for ad researchers. Article 39 of the Digital Services Act forces every very large platform to run a public DSA ad repository: a searchable archive of every ad shown in the EU, complete with targeting parameters and reach numbers. Not political ads. Every ad. Most marketers have never opened one, and most developers don't know the data is sitting there, free, behind documented interfaces.

TL;DR: The DSA's Article 39 made Meta, TikTok, Google, LinkedIn, X, and a dozen other platforms publish ad repositories covering all ads delivered in the EU, with targeting criteria and per-country reach. The catch: data is EU-only, fields vary wildly by platform, only Meta and TikTok ship real APIs, and nothing in any repository tells you whether an ad is performing. This guide maps what each DSA ad repository actually returns, the scoping traps, working code for the pullable ones, and how teams layer a commercial ad library API on top for the signals regulation never required.

What Article 39 Actually Requires, in Plain Language

The Digital Services Act is Regulation (EU) 2022/2065. It applies its heaviest obligations to Very Large Online Platforms and Very Large Online Search Engines, defined as services with at least 45 million average monthly active users in the EU. The European Commission designated the first nineteen in April 2023, and the regulation has applied in full since February 2024.

Article 39 is the ad transparency clause. Stripped of legal phrasing, it says each designated platform must:

  • Publish a repository of every advertisement presented on its interface in the EU
  • Keep each ad available for one full year after its last impression
  • Make the repository searchable through a "reliable tool" that supports multicriteria queries, including through APIs
  • Exclude personal data of the people who saw the ads

And for each ad, the repository must disclose:

  • The content of the ad, including the product or service name and subject matter
  • The advertiser it was presented on behalf of, plus who paid if that's a different entity
  • The period during which it ran
  • Whether it was targeted at specific groups, and the main parameters used, including exclusion parameters
  • Total recipients reached, broken down per EU member state for targeted groups

Two details in that list deserve a second read. The repository must work "through application programming interfaces," which means API access is a legal requirement, not a courtesy, even where platforms have made it painful in practice. And the exclusion-parameters clause means you can see who an advertiser deliberately chose not to reach, a disclosure no platform offered voluntarily before 2024.

Platforms that fall short risk fines of up to 6% of global annual turnover. Those enforcement teeth are why these repositories exist at all, and why the sloppier implementations are already under formal scrutiny. For background on how ad transparency rules evolved into this, our overview of ad transparency libraries and regulatory standards traces the lineage.

Which Platforms Ship a DSA Ad Repository, and Where

Every designated VLOP that serves ads now operates some form of repository. Quality ranges from genuinely good to malicious compliance.

PlatformRepositoryProgrammatic access
Meta (Facebook, Instagram)Ad LibraryOfficial API (verification + app required)
TikTokCommercial Content LibraryOfficial API (application required)
Google, YouTubeAds Transparency CenterNo official API
LinkedInAd LibraryNo official API
X (Twitter)Ads repository (downloadable files)CSV exports, no query API
Snapchat, PinterestPublic ad galleries / reportsNo official API

A few notes the table can't carry. Bing, as a designated search engine, publishes its own ad library for EU-served search ads. Amazon, Booking, Zalando, and AliExpress run repositories too, which matter if you research retail media. Snapchat's transparency surface is thinner than the big four, and we've documented what Snapchat's ads transparency actually shows separately.

X is the cautionary tale. Its "repository" launched as bulk file downloads rather than a searchable tool, and in July 2024 the European Commission issued preliminary findings that X breaches the DSA, naming the ad repository's design as one of three failures. If you build against X's data, expect format churn while that case resolves.

The practical reading: two platforms give developers real query interfaces, two more give researchers solid browser tools, and the rest give you PDFs, galleries, or ZIP files. Plan your stack accordingly.

Meta's Repository: The Deepest Implementation

Meta had a head start. Its Ad Library has existed since 2019 for political ads, so DSA compliance meant extending existing infrastructure rather than building from zero. The result is the most usable DSA ad repository of the lot.

In the browser, any ad delivered to the EU now carries a "European Union transparency" section: who paid, who benefits, the targeting parameters the advertiser chose (age ranges, gender, locations), and estimated reach broken down by member state. That UI layer alone changed competitor research. You can open a rival's ad and read which countries they excluded, something Meta's Transparency Center never exposed before 2023.

Programmatically, the same data flows through the ads_archive endpoint of the Ad Library API. EU-specific fields include eu_total_reach, target_ages, target_gender, target_locations, beneficiary_payers, and age_country_gender_reach_breakdown. For political ads you also get spend bands. For commercial ads you don't, which is the single most common disappointment developers hit.

Access friction is real. You verify your identity with government ID, create a developer app, and work with tokens that expire every 60 days. Our breakdown of Meta Ad Library API limitations covers the seven walls in detail, and the companion piece on what Meta's free API gets you in 2026 sets expectations before you invest the setup time. Worth saying plainly: for EU commercial ad coverage mandated by the DSA, Meta's free API is the canonical source, and it costs nothing beyond patience.

TikTok, Google, LinkedIn, and X: The Rest of the Field

TikTok built its Commercial Content Library specifically for DSA compliance, covering ads and paid commercial content shown in the European Economic Area. The browser tool supports search by advertiser, keyword, and country with date filters. There's also a Commercial Content API, which requires an application reviewed by TikTok before you get credentials. Approval is oriented toward researchers, but commercial analysts do get through. Fields include advertiser name, ad creative, run dates, targeting summary, and reach. Our TikTok Ad Library guide walks through both the official tool and the third-party route.

Google's Ads Transparency Center covers every verified advertiser across Search, YouTube, and Display. For EU-served ads it adds the DSA disclosure layer with targeting and reach detail and keeps records for the mandated year. What it doesn't offer is any official API, so a browser is the only sanctioned client. Teams that need Google's repository data in scripts use workarounds we covered in our piece on programmatic access to the Google Ads Transparency Center.

LinkedIn's Ad Library is browser-only as well. You can search by company or keyword, filter by country and date, and see EU impression ranges per member state plus the targeting facets used. For B2B research it's surprisingly rich, and surprisingly unknown. The programmatic options, official and otherwise, are mapped in our LinkedIn ad library API guide.

X publishes downloadable repository files rather than a queryable service. Parsing them is straightforward engineering, but the Commission's open proceedings mean the format and scope could shift with little notice.

Field-Level Reality: The Promise vs the Payload

Read Article 39 cold and you'd expect a competitive intelligence goldmine. The fields that actually arrive are narrower than the regulation's language suggests, in five specific ways.

Reach is aggregated, not granular. You get totals and per-country breakdowns, often as ranges or estimates. Meta's eu_total_reach is a single number per ad covering its whole run. No daily curves, no placement splits. Treat every figure as a band, the same way you treat bucketed reach metrics anywhere else.

Targeting parameters are coarse. Platforms disclose the main parameters: age, gender, location, and whether exclusions existed. Detailed interest stacks, lookalike sources, and custom audience definitions stay hidden. You learn that a competitor excluded users under 25 in Germany. You don't learn which behavioral segments they layered on top.

Payer and beneficiary are self-declared. The advertiser types these strings. Agencies appear as payers for brands, holding companies obscure subsidiaries, and enforcement of accuracy is light so far.

No performance signals exist for commercial ads. Spend bands apply to political and issue ads only. Engagement counts, clicks, and conversion signals were never in scope. A repository tells you an ad ran, where, and roughly how many people saw it. Whether it worked is a question regulation never asked, which is exactly where commercial ad intelligence tooling picks up.

Creative deduplication is absent. A brand running one concept in forty variants shows forty rows. Concept-level analysis is your job.

Here's what that looks like with real numbers. Pull a mid-size DTC fashion advertiser from Meta's repository and a typical row reads: ad ran 2026-03-02 to 2026-04-18, eu_total_reach 412,000, targeted ages 25-54, all genders, locations France and Belgium with Paris excluded, payer "MediaAgency GmbH", beneficiary the brand itself. Useful. But you can't tell whether that 412,000 came from a €3,000 test or a €90,000 scaling push, whether anyone clicked, or whether the same creative ran in eight other variants you haven't found yet.

None of this makes the repositories useless. It makes them a foundation layer: verified, free, legally mandated ground truth about ad existence and audience scope, waiting for enrichment.

DSA ad repository EU-only scoping shown as a highlighted Europe map with ad cards

The EU-Only Scoping Gotchas That Break Queries

Every DSA ad repository shares one boundary that trips developers constantly: the data exists only because an ad was delivered in the EU. Several traps follow from that single fact.

US-only campaigns are invisible. A competitor spending heavily in North America while running nothing in Europe produces zero rows. Absence of evidence in a DSA ad repository is evidence of nothing. Pair any EU pull with a source that covers other markets before you conclude a brand has gone quiet.

Regional creative splits skew your sample. Brands localize. The hooks a DTC brand runs in Germany often differ from its US angles, so the EU repository shows you the European playbook, which may be the conservative one. Apply geotargeting logic when reading the data, the same way you'd scope queries with geo filters in any research tool.

The UK isn't in scope. Post-Brexit, the DSA doesn't cover Britain. Meta still surfaces UK ads under its older transparency regime, but reach and targeting disclosures differ. Don't assume GB rows carry the same fields as DE rows.

The one-year clock deletes history. Ads vanish twelve months after their last impression. A repository is a rolling window, not an archive. Longitudinal studies need you to capture and store rows yourself, on a schedule, before they expire. Anyone doing automated competitor ad monitoring should treat the repository as a feed to persist, never a database to re-query.

"EU" is not a query value. Article 39 talks about the Union, but the APIs talk about countries. Meta's ad_reached_countries parameter wants an explicit list, so a true whole-EU pull means enumerating all 27 member states in every request. Most teams start with the five or six markets that matter to them and widen later. Document that choice, because a Germany-plus-France pull quietly presented as "EU coverage" will misstate a competitor's real footprint.

Reach denominators differ per platform. Meta reports accounts reached, TikTok reports users, LinkedIn reports impression ranges. Cross-platform comparisons need normalization before any number lands in a deck. When you estimate cost from reach, a CPM calculator plus published country benchmarks gets you a defensible range.

Pulling DSA Ad Repository Data with Code

Meta's implementation is the one worth scripting first, since it's free, documented, and covers the two biggest social ad platforms. After identity verification and app setup, a query for all commercial ads a page runs in the EU looks like this:

bash
curl -G "https://graph.facebook.com/v21.0/ads_archive" \
  -d "access_token=YOUR_TOKEN" \
  -d "ad_type=ALL" \
  -d "ad_reached_countries=['DE','FR','NL']" \
  -d "search_page_ids=[123456789]" \
  -d "fields=ad_creative_bodies,ad_delivery_start_time,ad_delivery_stop_time,eu_total_reach,target_ages,target_gender,target_locations,beneficiary_payers" \
  -d "limit=100"

The DSA-specific fields do the interesting work. eu_total_reach gives the aggregate audience, target_ages and target_gender expose the demographic brackets the advertiser selected, target_locations includes exclusions, and beneficiary_payers names who paid versus who benefits.

Pagination follows Graph API cursor conventions. A loop that walks paging.next until exhaustion and persists each row before the one-year window eats it looks like this:

python
import requests

url = "https://graph.facebook.com/v21.0/ads_archive"
params = {
    "access_token": TOKEN,
    "ad_type": "ALL",
    "ad_reached_countries": "['DE','FR','NL']",
    "search_page_ids": "[123456789]",
    "fields": "id,ad_creative_bodies,eu_total_reach,"
              "target_ages,target_locations,beneficiary_payers",
    "limit": 100,
}

while url:
    resp = requests.get(url, params=params).json()
    for ad in resp.get("data", []):
        store(ad)  # write to your own DB — rows expire after a year
    url = resp.get("paging", {}).get("next")
    params = {}  # cursor URL already carries everything

Our Python ad library API cookbook has hardened versions of this loop, including retry handling for the rate limits that bite once you monitor more than a handful of pages. Schedule it nightly per competitor page and you've turned a rolling regulatory window into a permanent dataset you own.

TikTok's Commercial Content API follows a different pattern: you apply at developers.tiktok.com, receive credentials after review, then query ads by advertiser, country, and date window. Build the application step into your project timeline, since approval isn't instant.

For Google and LinkedIn there is nothing official to script against, which forces a decision. Either a human reads the browser tools and transcribes findings, or you route around the gap with third-party coverage. Manual transcription survives for one client and dies at ten.

Where DSA Repositories Stop and Commercial APIs Start

Run DSA data for a month and the gaps organize themselves into a clean list. No performance signals. No coverage outside the EU. No engagement counts. Four-plus separate integrations with four different auth schemes. No creative analysis. No concept deduplication.

That list is precisely the feature set of commercial ad intelligence tooling, which is why the smart pattern isn't either/or. Regulated repositories provide free, legally mandated ground truth. A paid layer adds the judgment signals. Meta's free API remains the right baseline for EU reach and targeting disclosures, and a commercial ad library API earns its fee on everything the regulation never required.

The adlibrary API is built as that upgrade layer. One key, no app review, and coverage across eleven platforms including the ones whose DSA repositories are browser-only: Facebook, Instagram, TikTok, YouTube, Google, LinkedIn, Twitter, Pinterest, and more. Each result carries the signals repositories omit: estimated ad spend, a 0 to 1000 heat score for momentum, impressions, and runtime. One credit per search, refunded automatically if the search fails.

bash
curl "https://adlibrary.com/api/search" \
  -H "Authorization: Bearer adl_your_api_key" \
  -H "Content-Type: application/json" \
  -d '{
    "keyword": "running shoes",
    "appType": "3",
    "platform": "facebook,instagram,tiktok",
    "geo": "DE",
    "sortField": "-impression",
    "daysBack": 30
  }'

The two sources also cross-validate each other, which matters more than it sounds. When the repository says a competitor reached 2 million people in Germany and the commercial layer shows the same brand's German creatives carrying high heat scores and 60-day runtimes, you have two independent signals agreeing that a campaign is scaled rather than tested. When they disagree, that's usually localization or a creative split worth investigating on its own.

A practical merged workflow: pull a competitor's EU footprint from Meta's repository to get verified targeting and reach, then query the same brand through the commercial API to rank its creatives by heat and runtime, identify what's scaling, and feed the winners into an enrichment step that returns a structured creative teardown. Teams wiring this into agents treat the repositories as the compliance-grade source and the commercial layer as the decision-grade one. The ad data for AI agents use case shows that exact architecture, and our ad spy API comparison benchmarks the commercial options if you want to evaluate the field.

Compliance vs Intelligence: Two Different Jobs, One Dataset

The same rows serve two audiences with opposite questions, and knowing which job you're doing keeps your queries honest.

Compliance and accountability work asks: did this advertiser follow the rules? Researchers, journalists, and brand-safety teams use repositories to audit political ad disclosure, detect undeclared commercial influence, verify that age-restricted products weren't targeted at minors, and check ad compliance claims against reality. The repository is the product here. Its legal mandate is what makes findings citable.

Competitive intelligence work asks: what is this advertiser's strategy? The same targeting disclosures read differently through this lens. Exclusion parameters reveal segmentation strategy. Per-country reach shows budget allocation across markets, which is a market-entry signal you can act on. Run dates expose creative refresh cadence. A competitor ad research workflow that ignores DSA fields is leaving free, verified strategy data on the table, and most competitive intelligence teams still haven't noticed it exists.

One concrete example of the second job. A skincare brand evaluating Poland can pull every category advertiser's per-country reach from the Meta repository, see who's actually investing there versus token-spending, then size the creative landscape and model entry costs with an ad spend estimator. Two years ago that analysis required panel data subscriptions. Now the raw layer is free.

Frequently Asked Questions

What is a DSA ad repository?

A DSA ad repository is the public ad archive that Article 39 of the EU Digital Services Act requires every Very Large Online Platform to maintain. It contains every ad shown in the EU with its creative content, advertiser identity, payer, run dates, targeting parameters, and aggregate reach per member state, kept for one year after the ad's last impression.

Do DSA ad repositories cover ads outside the EU?

No. The obligation covers ads presented to users in the European Union, so campaigns running only in the US, UK, or other markets don't appear. The UK is out of scope post-Brexit. For non-EU coverage you need each platform's older transparency tools or a commercial multi-platform API.

Which DSA ad repositories have APIs?

Meta offers the Ad Library API after identity verification and app setup, and TikTok offers a Commercial Content API after an application review. Google's Ads Transparency Center, LinkedIn's Ad Library, and most other VLOP repositories are browser-only, and X publishes downloadable files instead of a query interface.

How long does an ad stay in a DSA ad repository?

One year after the ad was last presented, per Article 39. Repositories are rolling windows rather than permanent archives, so longitudinal research requires capturing and storing the data yourself before rows expire.

Can I use DSA ad repository data for competitor research?

Yes, and it's underused for that. Targeting parameters, exclusion lists, run dates, and per-country reach are strategy signals. The repositories carry no performance data though, so most teams combine them with a commercial ad intelligence API that adds estimated spend, engagement, and creative analysis on top.

A Regulatory Gift, If You Wire It Right

The DSA ad repository system is the largest free expansion of ad transparency since ad libraries first appeared, and adoption among marketers is still close to zero. That's the opportunity. The data is verified, mandated, and sitting behind documented endpoints for the two platforms that matter most in paid social. Field gaps and EU-only scope are real constraints, but they're knowable ones, and every workaround in this guide is buildable in a week.

Start with Meta's free repository pull for your top five competitors. The moment you need performance signals, non-EU coverage, or the other nine platforms in one response, that's the upgrade point. API access ships on the Business plan at €329/mo with 1000+ monthly credits, integration help included, so the EU's regulatory gift becomes one input in a pipeline instead of a browser tab you check on Fridays. Get your key on the API access page and wire the whole thing end to end.

Related Articles

AdLibrary image
Guides & Tutorials,  Competitive Research

Meta Ad Transparency Center: Complete Guide

How to use the Meta Ad Transparency Center to research competitor ads, decode creative strategy, and build a systematic swipe file for your campaigns.