Hi.

While seeking the repository documentation, we could not find a way to prevent an origin from running ad auction on our origin behalf.

For the methods joinAdInterestGroup and leaveAdInterestGroup we have the path https://owner.domain/.well-known/interest-group/permissions/?origin=frame.origin.

How about runAdAuction? Is it possible to restrict its usage based on an origin?

Thanks!