"Sign in with Apple" domain verification issue

I'm following the steps to impliment "Sign in with Apple" and I'm stuck tyring to verify my domain on this page:


https://developer.apple.com/account/resources/services/configure


I've downloaded the apple-developer-domain-association.txt text file and placed it on my server at the path:


https://myserver.com/.well-known/apple-developer-domain-association.txt


I've tested loading that file from a web browser.. it works fine. But the "Verify" button rejects with "Verification failed for domain". I get no further debug info.


Has anyone else run into this or verified sucessfully? I've noticed each time I download the apple-developer-domain-association.txt file it's different and I've made sure my server is in sync with the last time I grab the file.. done this multiple times.. no luck.


Thanks

Daniel

Replies

I've had the same and it's great to see Apple are jumping on the issue to help people.


One thing I had wondered, our infrastructure redirects domain.com/path.txt to www.domain.com/path.txt. I would expect the verification to follow a redirect like this.

Both urls (with and without www) return the same file in my setup. I omitted the www in the web dialog to generate the key file. Yes, no word from Apple and not seeing much help on other similar threads. Clearly it’s not just me, odd there’s no help at all. I was hoping to support Sign In with Apple on day one. If you find a solution please share. I did see one doc that mentioned a DNS txt record needed, but no further info on what that would be and wondered if it was just an out of date doc. If I find that page again I’ll post the link. D

The page I’m referring to is https://help.apple.com/developer-account/#/devf822fb8fc It looks like the SPF txt record is just for the email relay service though I still don’t see what that record would contain. D

Did you ever get a solution to this?

I'm curious about which hosting service you used too. I tried implementing it on an existing app, but since the domain is on Wix we have learned we can't get this verified, without migrating the site elsewhere.

I haven’t. I’ve set it aside for other more important tasks. But I did find this blog post that looked promising but haven’t tried to go though the steps yet. https://www.manton.org/2019/09/23/sending-email-for.html D

Thanks, this should help.

I found this thread useful too: https://forums.developer.apple.com/thread/122124

Still haven't fixed our issue yet, or managed to get verififed. Tried a couple of domains now. Squarespace and some others. I'm really hoping we don't have to do too much custom work to get a site up just for this.

We have finally gotten our domain verified, here is what we have learned, hopefully, it can help someone else:


  • Wix doesn't support storing a file like this, and doesn't seem interesting in doing so.
  • Squarespace allows you to "link" a file, which appears to work when you test the link, but it fails apple's verification check
  • Using a standard Webhosting service (for example https://www.interserver.net/)with cPanel allowed us to store the file in the right place, and apple to verify.
  • Chrome Browser will allow you to verify, but will do so silently with no confirmation.
  • Safari Browser will show you a visual confirmation that the domain has been verified.


Now, to see if the relay service will work with SES ...

I was also getting this issue. Contacting Apple Developer Program support revealed the following:


1. A downloaded domain verification file is valid for only 7 days.
2. The latest file downloaded should be available for verification. If you download more than one file in a 7 day period, only the latest file should be placed in the given location.
3. The verification will fail if you place any file other than the latest domain verification file downloaded during this 7 day period.


Information I can't find documented anywhere.


In my case our file had expired. Generating a new file, uploading it to the domain and trying the verification again before it expired again worked.

I have this problem as well for Squarespace. When I add to the Advanced DNS settings TXT file and paste the key, I get "Verification failed for domain" from Apple's verify result.

I was having problems, but had a merchantID file in that folder from before. Having downloaded the verification.txt file before, the new version had (1) at the end of the name. After uploading it to my webserver, I went to edit the file name ... removed the "(1).txt" from the name.


Hit the Verify button and voila! Green check mark!

Hi, please could you tell me where you found the apple-developer-domain-association.txt file?
On 15th Nov 2020, it apparently is not requiring to upload verification text file any longer to your server, and there is nothing like downloading the txt file also. You just need to add your domain address correctly, like 'apple.com' (without prefix).
  • So, could someone from apple approve that there is no need in this verification? For now I can not see not only buttons download/verify but even listed domain and redirect url I've entered

Add a Comment

For anyone facing this issue recently and using an email service like GSuite or AWS SES, the following link Configure private email relay service from Apple's own documentation helped me a lot. Especially the last part of that link:

Configuring Your Email Service Provider (ESP) Account
SPF TXT Record for example.com to support using Amazon SES example.com. 
IN TXT "v=spf1 include:amazonses.com ~all" 

Also, it looks like Apple needs the SPF record to be a TXT record, and not the traditional SPF type of record which is still available in all DNS providers but all of them have marked it as deprecated.

Hope this helps someone!!