Apple Sign In - Verification failed for domain

When attempting to create a Service ID for Apple Sign In, I've been hosting the downloaded file at /.well-known/apple-developer-domain-association.txt but still get the message "Verification failed for domain"



None of the threads in this forum seem to have reached resolutions either. Does anyone know what to do?

Replies

I was also getting this issue. Contacting Apple Developer Program support revealed the following:


1. A downloaded domain verification file is valid for only 7 days.
2. The latest file downloaded should be available for verification. If you download more than one file in a 7 day period, only the latest file should be placed in the given location.
3. The verification will fail if you place any file other than the latest domain verification file downloaded during this 7 day period.


Information I can't find documented anywhere.


In my case our file had expired. Generating a new file, uploading it to the domain and trying the verification again before it expired again worked.

Seems odd, maybe they meant you need to grab and use it within 7 days of being requested/downloaded...


According to the docs:


Renew Your Domain Verification

Domain verification expires on the same date that your domain’s SSL certificate expires. Apple servers check if SSL certificates have been renewed at 30, 15, and 7 days before expiration.

I had to create a folder .well-known and place the file in that folder specifically, after that all worked fine.

I'm running Node.js and Express and had the issue because I bought a cheap SSL cert from Sectigo.

Here's what I did to fix it.


1. Check your SSL certificate for errors https://www.digicert.com/help/


2. I had to install an intermediate certificate. That solved the issue.

If you perform the check in Safari, it won't give you a confirmation that the domain is verified.

Instead, perform the check in Chrome and it will give you a confirmation.


3. Inspect the HTTP header coming back from your server. If it's a 301 Apple won't follow it. Instead, the verification file must be returned via 200 HTTP status code. The verification file I'm referring to is https://example.com/.well-known/apple-developer-domain-association.txt where example.com is your domain.
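The checks described in this thread (a 200 rather than a redirect, a non-empty file at the `.well-known` path, and a complete certificate chain) can be run from your own machine before clicking Verify. This is an added example, not part of the original posts and not Apple's verification logic; the function names and the `use_tls` switch are assumptions of this example.

```python
import http.client
import ssl

# Path of the verification file, as quoted in the thread.
WELL_KNOWN_PATH = "/.well-known/apple-developer-domain-association.txt"
REDIRECTS = {301, 302, 303, 307, 308}


def classify(status, location, body):
    """Turn one unfollowed HTTP response into (verdict, detail)."""
    if status in REDIRECTS:
        return ("redirect", f"{status} -> {location}; serve the file on this host directly")
    if status != 200:
        return ("bad-status", f"expected 200, got {status}")
    if not body.strip():
        return ("empty-body", "200 returned but the file is empty")
    return ("ok", f"200 with {len(body)} bytes")


def check_domain(host, port=443, use_tls=True, timeout=10):
    """Request the verification file once, never following redirects.

    use_tls=False exists only so the check can be exercised against a
    local plain-HTTP test server (an assumption of this example).
    """
    try:
        if use_tls:
            # The default context validates chain and hostname against the
            # system trust store; a server that omits its intermediate
            # certificate fails here with a verification error.
            ctx = ssl.create_default_context()
            conn = http.client.HTTPSConnection(host, port, timeout=timeout, context=ctx)
        else:
            conn = http.client.HTTPConnection(host, port, timeout=timeout)
        conn.request("GET", WELL_KNOWN_PATH)  # http.client never follows redirects
        resp = conn.getresponse()
        body = resp.read()
        conn.close()
        return classify(resp.status, resp.getheader("Location"), body)
    except ssl.SSLCertVerificationError as exc:
        return ("tls-chain", exc.verify_message)
    except (OSError, http.client.HTTPException) as exc:
        return ("unreachable", str(exc))


if __name__ == "__main__":
    import sys
    for name in sys.argv[1:]:
        print(name, *check_domain(name))
```

Run it with the exact hostname entered in the Service ID configuration (for example both `example.com` and `www.example.com`), since a redirect between the two is reported as a failure rather than followed.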

Indeed it was redirected to "www.mydomain.com" so I had to reconfigure the domain to www.mydomain.com, download and paste the new apple-developer-domain-association.txt file in the project folder and it worked.

I tried doing this but it still doesn't identify the file. I'm running my site on WordPress, would that affect anything? Or the file permissions?

As far as I know they require a second-level domain. A third-level domain won't work.

I'm really curious about this one! Do you have the link of the doc/thread where this is mentioned?

Would be really helpful, thanks 🙂


The documentation says:


To verify ownership of your domain, select Download to get the verification file, upload it at the URL listed below, and click Verify.


../example.com/.well-known/apple-developer-domain-association.txt


(I used ../ here to avoid the message being moderated)


How do you create a folder called .well-known?


I got this error:


You can’t use a name that begins with a dot because these names are reserved for the system.


Please choose another name.

I finally managed to verify my domain by temporarily disabling the Cloudflare Proxy for the DNS entry. Used also the blank domain (example.com instead of www.example.com and had to temporarily disable non-www to www redirects).


After that I got just the loading animation and any error message. After reloading, the Verification Page showed the green verification badge.

Where is this file? It looks like this file can never be downloaded.

I don't think there is an option to download this file anymore