For developers and users who want to opt-out of the Protected Audience API.
The Protected Audience API will eventually require sites to set a Permissions Policy to allow the Protected Audience API functionality to be available. This will help ensure that arbitrary third parties can't use the API without a site's knowledge. However, to facilitate testing during the first origin trial, this requirement was waived by default.
Sites that would like to explicitly disable Protected Audience API functionality during the testing period can use the relevant Permissions Policy to block access. There are two Protected Audience API permissions policies that can be set independently:
join-ad-interest-groupenables/disables functionality to add a browser to interest groups
run-ad-auctionenables/disables functionality to run an on-device auction
Access to Protected Audience APIs can be disabled completely in first-party contexts by specifying the following permissions policy in an HTTP response header:
Permissions-Policy: join-ad-interest-group=(), run-ad-auction=()
You can disable usage of the APIs in an iframe by adding the following
attribute to an iframe element:
<iframe src="https://example.com" allow="join-ad-interest-group 'none'; run-ad-auction 'none'"></iframe>
The Proposed First Protected Audience API Origin Trial Permissions-Policy section provides more detail.
A user can block access to the Protected Audience API and other Privacy Sandbox features by using any of the following mechanisms:
- Disable the Privacy Sandbox trials in Chrome Settings: Settings >
Security and privacy > Privacy Sandbox. This is also accessible at
- Disable third-party cookies in Chrome Settings: Settings > Security and privacy.
- Set Cookies and other site data to either "Block third-party cookies" or "Block all cookies" from
- Use Incognito mode.