~5% of our users when downloading the iOS application from the Apple Store for the first time are unable to enrol a Passkey and experience an error saying the application is not associated with [DOMAIN]. The error message thrown by the iOS credentials API is "The operation couldn't be completed. Application with identifier [APPID] is not associated with domain [DOMAIN]" We have raised this via the developer support portal with case id: 102315543678 Question: Why does the AASA file fail to fetch on app install and is there anything that can be done to force the app to fetch the file? Can this bug be looked at urgently as it is impacting security critical functionality? Other Debugging Observations We have confirmed that our AASA file is correctly formatted and hosted on the Apple CDN. Under normal circumstances the association is created on install and Passkey enrolment works as intended. We have observed that when customers uninstall/reinstall the app this often, but not always, resolves the issue. We also know this issue can resolve itself overtime without any intervention. We have ruled out network (e.g VPN) issues and have reproduced the issue across a number of different network configurations. We have ruled out the Keychain provider and have reproduced it across a variety of different providers and combinations of. We observed this across multiple versions of the iOS operating system and iPhone hardware including the latest hardware and iOS version.

Hello, My App use OIDC for user authentication and universal linking for redirection from browser to App. When user use autofill to enter credentials, sometime autosubmits happens automatically and after successfully login user sticks in the web. No redirection in the App happens in this situation. Could you please look into it? In my view universal linking/redirection should work even on autosubmit.

I have configured AASA file to support path such as https://domain/forgot-password?token=asadsad3ddsd. It is not opening in browser nor app. I have tried different iterations to support the above url. iteration 1 : components : [ { "/" : "/forgot-password" , "?" : { "token" : "?*} ] iteration 2 : components : [ { "/" : "*" } ] iteration 3 : components : [ { "/" : "/forgot-password" , "?" : { "token" : "?????..." } ] my token is of length 36. so I have kept 36 question marks. do we need to configure something in flutter app delegate to support query parameters.

I've setup applinks for Universal Links purposes on my app. But I noticed that setting up applinks also sets up Password AutoFill. Upon logging in I don't want my users to be prompted to Save Password because of the way we use our subdomains. How can I disable Password AutoFill while retaining Universal Links capability, and without disabling secureTextEntry on my UITextField?

Hello, my app was rejected because deep linking doesn't work as expected according to the reviewer. I have reinstalled the app and tested it on the same device and iOS version as the reviewer, but everything still works fine for me. I also asked a few friends (three people) to test it, and they all confirmed that the deep linking works as intended. Have you ever experienced a similar issue before, or do you have any insight into why this might be happening? Thank you in advance.

THE ISSUE - Hi there guys we have been through documentation and gone back and forth on forums and we can not get universal links / Deep link to work for us. OUR SETUP - We are running Flutter and are looking to post images from the Gallery into the app only issue is it does not pick up the page its meant to open once the share button is clicked. We have tired all the steps meticulously and still can not get it to work. Are they any known issues with this ?

Hi, Can a single domain serve a /.well-known/apple-app-site-association file for multiple apps from different developers? We currently have our own domain, let's say example.com, which serves https://example.com/.well-known/apple-app-site-association which lists our app, let's say "ABCDEFG.com.example.AppA" for path "/app/a". We're talking with another developer who has another app on the store. Can we add their app, "MNOPQR.com.different.AppB" on our site, https://example.com/.well-known/apple-app-site-association, add their app ID for path "/app/b", ask them to add our example.com domain in their associated-domains entitlement, and would it work? I mean would https://example.com/app/a open our app "ABCDEFG.com.example.AppA" and https://example.com/app/b open their app "MNOPQR.com.different.AppB" ? We want to open https://example.com/redirect/app redirect to either /app/a or /app/b depending on the query parameters and launch our or their app. Thanks in advance!

An archived documentation article about Universal Links, https://developer.apple.com/library/archive/documentation/General/Conceptual/AppSearch/UniversalLinks.html states: "In your com.apple.developer.associated-domains entitlement, include a list [...], prefixed with applinks:, such as applinks:sub.mywebsite.com. Limit this list to no more than about 20 to 30 domains." This document was updated last in 2016 and it appears to be archived since 2018. Newer documentation, like https://developer.apple.com/documentation/xcode/supporting-associated-domains or https://developer.apple.com/documentation/xcode/configuring-an-associated-domain do not mention any limitations and since iOS 14 there is also an Apple provided CDN that apps use to fetch domain association data, which lets one think that the limit may have been lifted. However, I'm in the process of implementing universal links and shared web credentials for a portal app with many customers, a few hundreds of them have their own domain, and would like to be sure this is supported before putting all the work into it. So if anyone with a similar setup or someone from Apple could share/verify that there is no such limit anymore (or if any, what number) I would highly appreciate it. Bests bbjay

I have managed enterprise app. universal link is working as expected from the safari but when I tried the same functionality from the managed edge browser, edge does not detect the universal link. Unable to open our managed app from the edge browser, although from the safari it's working as expected. Unable to open our managed app from the outlook/Team. although from a non-manged app, we can open our managed app. Does edge browser support universal link? iOS version : 17.4.1

Hi, I have added associated domains support for our desktop app and it works fine on my machine. But when I deploy it on other machines, it is not launching. It throws ‘The application ““ can’t be opened” message. It works fine when I install provisioning profile on those machines. Xcode is not allowing me to code sign the app manually as part of build process. Till now we were dong the same for other apps. Associated domain need a provisioning profile and I have created one distribution profile and code signed it. Now it works fine only on my machine and not working on other machines. It works only on other machines if I install provisioning profile. What should be the issue? How do I work this macOS app on other machines without installing provisioning profile?

We've got a AASA file on our site that has a list of URLs that our App can handle. These URLs follow a REST standard, but also have resource identifiers in them, for example /site/:siteId /site/:siteId/service/:serviceId Our service IDs are limited to specific numbers, which we've hardcoded in our AASA file so that only specific service URLs will open. Our AASA file looks like the below { "applinks":{ "apps":[], "details":[ { "appID":"${appIdPrefix}.${bundleIdentifier}", "paths":[ { "/":"site/*/service/1/" }, { "/":"site/*/" } ] } ] }, "webcredentials":{ "apps":[ "${appIdPrefix}.${bundleIdentifier}" ] }, "appclips":{ "apps":[ "${appIdPrefix}.${bundleIdentifier}.clip" ] } In this example, hitting a URL like /site/1/service/1 works correctly - however, hitting a URL like /site/1/service/999 will also open the app, despite it not being a valid URL. I'm assuming that the wildcard on site/*/ is causing the invalid URL to match. How can I set my AASA up so that the site ID can still be any value, but the URL is matched strictly?

This page describes the procedure to create deep links in iOS. I was able to launch an IOS Companion app (name of the app in my case) using its deep link. But the same is not working in AppleWatch. This is my plist to register a custom scheme - Companion: <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>CFBundleURLTypes</key> <array> <dict> <!-- <key>CFBundleTypeRole</key> <string>Viewer</string> --> <key>CFBundleURLName</key> <string><some unique ID></string> <key>CFBundleURLSchemes</key> <array> <string>Companion</string> </array> </dict> </array> </dict> </plist> I have implemented onOpenURL(perform:) to handle app launches using a deep link (url). var body: some Scene { WindowGroup { ContentView() .onOpenURL(perform: { (link: URL) in Log(String(format: "Link = %@", link.absoluteString)) // Use then deep link }) } } In iOS, I tested deep links in two ways: Wrote the full deep link in Notes app and tapped it. Created another app called AppLauncher with a Button saying 'Launch using Deep link'.... which when clicked opens the deep link using open(_:options:completionHandler:). Both the approaches work in iOS, but in watchOS, I can only try 2 because Notes app is not available for AppleWatch. So, I created another watchOS app called AppLauncher, which displays a SwiftUI Button saying 'Launch using Deep link', which when tapped, tries to open the link using openSystemURL(_:). But as mentioned in the documentation (linked earlier), Opens the specified system URL. this API only works for links associated with System apps i.e., Apple's call and message apps. So, how else can I use deep link to launch another app? I believe it's possible to launch an app using its deep link because the info.plist keys required to define a deep link scheme association (CFBundleURLTypes, CFBundleURLSchemes etc) is valid for watchOS too.

I'm running my Capacitor app on my iPad on Developer mode and I haven't been able to get the Universal Link working. https://my-domain.com//.well-known/apple-app-site-association in browser and via curl correctly returns the file. running sudo swcutil dl -d https://my-domain.com --verbose returns SWCErrorDomain 8 { Domain: "<_SWCDomain 0x600002c92d80> https", Line: "532", Function: "-[SWCDownloader(Private) _downloadAASAFileForDomain:applicationIdentifier:downloadRoute:discretionary:completionHandlers:]_block_invoke" } I made my way down through here: <https://developer.apple.com/documentation/technotes/tn3155-debugging-universal-links#Host-and-verify-your-AASA> I continued onto the next section, but swcutil_show.txt file doesn't list my app even after uninstalling and re-deploying the app. Any help is appreciated!

I have an application which supports universal links. Say it supports the domain www.example.com and thus universal links can be easily opened via this. We will have applinks:www.example.com in associated domains. Now say if I want to release another app and it also supports the same domain. Now how will iOS distinguish which app to open via universal links..?

Subject: Inquiry Regarding Placement of .well-known Folder for Hosting apple-app-site-association File I am writing to inquire about the placement of the .well-known folder for hosting the apple-app-site-association file. Currently, we are working on configuring deep linking for our iOS app, and we have encountered a question regarding the appropriate location for hosting the apple-app-site-association file. Our domain, service2-uat.mom.gov.sg, hosts various web assets, and we are considering placing the ".well-known" folder in a non-root directory, specifically at "https://service2-uat.mom.gov.sg/fwmc/api/stg/permanent/.well-known/apple-app-site-association", instead of the root directory. Before proceeding with this configuration, we wanted to confirm whether it is permissible and supported by Apple's specifications and requirements. Our objective is to ensure compliance with Apple's guidelines while optimizing our server structure. Could you please provide guidance or clarification on whether hosting the .well-known folder in a non-root directory is acceptable for serving the apple-app-site-association file? Additionally, if there are any specific considerations or best practices related to this configuration, we would greatly appreciate your insights. Thank you very much for your assistance in this matter. We look forward to hearing back from you soon. Best Regards, Senthil S

I have published the app on the App Store along with its corresponding app clip, my app clip is configured with some advanced experiences for each one of my clients, but whenever some users try to scan an NFC or QR Code they see the card rendering correctly with their configured banner image, but with the message "App Clip Unavailable". The weird thing is that both iMessage and the website to which the associated domain is set and the apple-app-site-association is stored, renders the banner or card correctly, and when the users tap the banner or card they open the advanced app clip experience correctly without any issue. I have attempted to troubleshoot the issue by checking the following: if the app clip is below 15MB if we are using a second level domain in my associated domain both for my app clip and app (excluding the www subdomain). checking if the AASA is correctly stored inside .well-known directory checking the configuration for the advanced experience I opened a case: 102233443873, and added a bunch of videos and screenshot showcasing the issue, but I have not yet received a reply

The universal link for my app was working perfectly fine 2 days before but suddenly it stopped working. We have not changed applinks, or AASA file for long time.

I followed the steps in this https://docs.flutter.dev/cookbook/navigation/set-up-universal-links to implement universal links and created a link that I published to the App Store. However, when I click on the deep link, I receive a 404 error in the browser saying the page can't be found. When the app is installed, all the redirections with the deep link work correctly. My problem is navigating to the App Store to the app's page. What should I check, and how can I determine if the problem is in the apple-app-site-association file or in some setting in the app? I try to add * like prefix on url in app setting but this don't help.

I am trying to Execute Universal Link of Netflix show from My App in tvOS 17.2 When I Call the open(_:options:completionHandler:) to execute the Link it does open the Netflix App but open the landing page of Title. I have tried different alternative links but all has same behaviour. The same Link works in iOS ans iPad OS. Here the links that I have tried and the code that handles the universal Link. http://www.netflix.com/title/81731618 nflx://www.netflix.com/title/81731618 // Handle remote notification here // For example, extract deep link and perform appropriate action if let deepLink = userInfo["deep_link_key"] as? String { // Handle the deep link here print("Received Deep Link: \(deepLink)") if let url = URL(string: deepLink) { UIApplication.shared.open(url) } } }

Hello Everyone, we've encountered an issue with our iOS mobile application, particularly affecting users on iOS version 17. It appears that our universal deep links coming from redirects have ceased to function properly. We've got quite a few marketing campaigns that send out promotional emails through an emailing system, which wraps our site's links inside their own. Obviously tapping these links does not open our app, instead directs the user to web mobile. Older phones like iPhone X with iOS 16 still work properly. We have checked domain association, and also when tapping direct deep link everything works properly. However, the issue arises specifically when users interact with marketing tracking links that redirect to a deep link. In this scenario, both Safari and Chrome fail to redirect outside of the browser environment. Instead, they execute an HTTP 301 redirection within the browser itself. Is this something be expected from iOS version 17, is there a way to avoid this behaviour and still continue using marketing links with redirection?