I have hosted my AASA file in https://powerbrowser.app/.well-known/apple-app-site-association in signed format as per documentation. I still can not see open in app button when open a link by long press. By the way i have activated 'Associated Domains' and put proper entitlements as per documantation.

We have implemented Universal Links for iOS. We have deployed the following file as per the documentation: /.well-known/apple-app-site-association Everything works fine until my organization applied domain-level block on traffic out side my country. We need to whitelist Apple servers but we cannot find their IPs or domains used to access this file.

I need to know the https address of a certain page within my app. This is going to be used as a redirect URL. I don't think it is a good idea to use deep links because it has to be an https address. I don't think Universal Links will work because it is not my website that I will be communicating with.

I am trying to setup a unversal linking for my new developing app. but it look like not function well. did any one have some examples or demo domains suggest to use? In fact finally my app is just internal using, user will not suppose connect to internet , how can I using the universal linking without a website ? Thanks

Without developer mode, I was able to get Password AutoFill to work in my SwiftUI app with my local Vapor server using ngrok and adding the Associated Domains capability with the value webcredentials:....ngrok-free.app and the respective apple-app-site-association file on my local server in /.well-known/. (works on device, but not in the simulator). However, if I use the developer mode (webcredentials:....ngrok-free.app?mode=developer) it only works halfway when running from Xcode: I get asked to save the password, but the saved passwords are not picked up, when I try to login again. Neither on device, nor in the simulator. If I remove the ?mode=developer it seems to work as expected. Is this by design, or am I missing something? var body: some View { ... Section(header: Text("Email")) { TextField("Email", text: $viewModel.credentials.username) .textContentType(.username) .autocapitalization(.none) .keyboardType(.emailAddress) } Section(header: Text("Passwort")) { SecureField("Passwort", text: $viewModel.credentials.password) .textContentType(.password) } ... }

In a project having both an app and a website, the following two website urls are to be handed over to the corresponding app: https://www.example.com/search?plus https://www.example.com/search?query=something In AASA file, this becomes: "components": [ { "/": "/search", "?": { "plus": "", "query": "?*" } } However, finally it does not work for both urls. Only the one with "query" works by hand over to app. For investigation, I have tried this for the problematic link: "components": [ { "/": "/search", "?": "plus" } and this works. How can I get both to work? (note that for the sake of brevity, only a portion of the AASA files are shown)

Hello, We're facing an issue with app links failing and falling back to browser website journeys. Our apple-app-site-association file is hosted publicly and the app to app journeys have been working correctly up to very recently - we are trying to identify any potential network infra changes that could have impacted the Apple CDN being able to retrieve the apple-app-site-association file. We can see in the iPhone OS logs that the links cannot be verified by the swcd process, and using the app-site-association.cdn-apple.com/a/v1 api via curl can also see the CDN has no record of the AASA file. Due to the traffic being SSL and to a high volume enterprise site it is difficult for use to trace activity through anything other that the source IPs - we cannot filter on user-agent for "AASA-Bot/1.0.0" as breaking the SSL would be impactful due to the load. Is it possible to get a network range used by the Apple CDN to retrieve the AASA file as this would help us identify potential blocking behaviour? Thank you.

I've a strange problem which is only occurring on 2 client devices. We have enabled Universal links, and have it fully tested and working. On one client device, the link never opens our app; but here's the strange thing: If I long-press on our link (in Messages), it gives a preview (as expected), and the context menu offers "Open in ", as well as "Open in Safari". Tapping on "Open in " does nothing. I've tried the following: Checked I could access the site-association file over https with no redirects Enabled developer mode and used universal link debug feature: pasted the same link - Developer mode says it will open the app. I've carried out the sysdiagnose; And there are entries in there for our app in swcutil_show.txt. Snipped below: Service: applinks App ID: <my fully qualified app bundle id> App Version: 760.0 App PI: <LSPersistentIdentifier 0x6b8008930> { v = 0, t = 0x8, u = 0x45c, db = DC8D18A2-430D-4AD4-A5BE-B7A003CF9A6F, {length = 8, bytes = 0x5c04000000000000} } Domain: www.<mydomain>.com Patterns: {"/":"/cc/*"}, {"?":{"t":"*"},"/":"/md/"} User Approval: unspecified Site/Fmwk Approval: approved Flags: Last Checked: 2025-04-29 09:10:21 +0000 Next Check: 2025-05-04 08:42:50 +0000 -------------------------------------------------------------------------------- Service: applinks App ID: <my fully qualified app bundle id> App Version: 760.0 App PI: <LSPersistentIdentifier 0x6b8008930> { v = 0, t = 0x8, u = 0x45c, db = DC8D18A2-430D-4AD4-A5BE-B7A003CF9A6F, {length = 8, bytes = 0x5c04000000000000} } Domain: <mydomain>.com Patterns: {"/":"/cc/*"}, {"?":{"t":"*"},"/":"/md/"} User Approval: unspecified Site/Fmwk Approval: approved Flags: Last Checked: 2025-04-29 09:10:21 +0000 Next Check: 2025-05-04 08:42:50 +0000 -------------------------------------------------------------------------------- Service: applinks App ID: <my fully qualified app bundle id> App Version: 760.0 App PI: <LSPersistentIdentifier 0x6b8008930> { v = 0, t = 0x8, u = 0x45c, db = DC8D18A2-430D-4AD4-A5BE-B7A003CF9A6F, {length = 8, bytes = 0x5c04000000000000} } Domain: *.<mydomain>.com Patterns: {"/":"/cc/*"}, {"?":{"t":"*"},"/":"/md/"} User Approval: unspecified Site/Fmwk Approval: approved Flags: Last Checked: 2025-04-29 09:10:21 +0000 Next Check: 2025-05-04 08:42:50 +0000 -------------------------------------------------------------------------------- The version numbers match the installed version of my app I've tried running logging and just capturing logs before and after I press the "open in ", but there's nothing suspicious in there. And the kicker - it's only happening on a single device. No other devices are experiencing this.

Question: I'm aware of the AASA file hosting procedure to make app clips work and link them to your website, but IIRC you can trigger app clips via the simple appclip.apple.com URL too, right? As a result no need to host the AASA file. Like my app store connect gave me the URL https://appclip.apple.com/id?p=myname.myappsname.Clip but when I click it it says "This app clip is not currently available in your country or region". However I'm also getting Bad JSON content on the View Status under the domain. I'm so confused.

Hi! We are having a hard time with the universal link, help is appreciated! Thanks in advance! The universal link doesn't work after installation for some time. A user has to wait for from 5 to a couple of hours after the app is installed on the device. This has also affected App reviewers since we need the universal link to work for successful login. Each submission will receive a rejection of we cannot login and it will be approved until we kindly ask them to try again. I believe the JSON is delivered to devices by Apple's CDN system and the fact that it works on most devices most of the time should imply that we have a valid apple-app-site-association setup. So I am really confused about the wait time, which is giving us trouble with app review and a bad user experience

Hello, we are currently encountering a similar issue. We need to inject our capabilities into a third-party app by re-signing it (not a full re-signing process—just requiring the provisioning profile and certificate to match). However, this seems to affect the functionality of universal links. We've found that this issue only occurs on iOS 18. We noticed that when re-signing the app, the entitlements related to associated domains are changed to a wildcard: [Key] com.apple.developer.associated-domains [Value] [Array] [String] * However, this doesn’t cause any issues on iOS 17. Through further testing, we discovered that in order for universal links to work properly, we need to restore the original value of com.apple.developer.associated-domains and use a provisioning profile that matches the app's bundle ID. This means our previous re-signing approach using a certificate and provisioning profile from another bundle will no longer work. We’d like to ask: is this a new restriction introduced in iOS 18? If we manually restore the original com.apple.developer.associated-domains entitlement and use a provisioning profile that matches the app’s bundle ID, will universal links function correctly going forward?

I've defined a URL scheme for my application, and that's being honored by iOS. But the function that's supposed to handle the URL in my appliation (as documented here) is never called. The documentation doesn't say exactly where this is supposed to go. I've tried it in my App struct: @main struct MyGreatApp: App { var body: some Scene { WindowGroup { MainView() } } // Handle custom URLs, specifically the ones sent in invitation E-mails or texts. func application(_ application: UIApplication, open theURL: URL, options: [UIApplication.OpenURLOptionsKey : Any] = [:] ) -> Bool { // Determine who sent the URL. let sendingAppID = options[.sourceApplication] print("source application = \(sendingAppID ?? "Unknown")") ... And I also tried putting this at the file level. No dice either way. Anybody have an idea why? To head off things I've seen in other posts: I'm not using scenes, and there's no SceneDelegate.

We put the apple-app-site-association file at https://ourdomain.com.tr/.well-known/apple-app-site-association. When we send a request to url, we get 200 response code every time and we can see the file. But sometimes when we try to access https://app-site-association.cdn-apple.com/a/v1/ourdomain.com.tr url with browser or CMD tool, we are facing with 404 response code. There isn't any ip adress filter in our systems and we tried using vpn for sending same request from different locations(america and europe) but nothing changed. In addition, can anyone provide the ip list of apple cdn servers to check the F5 Load balancer WAF logs? CMD output: C:\Users\Name>curl -Lv https://app-site-association.cdn-apple.com/a/v1/ourdomain.com.tr Host app-site-association.cdn-apple.com:443 was resolved. IPv6: (none) IPv4: 17.253.122.197, 17.253.15.210, 17.253.122.196, 17.253.107.201, 17.253.57.203, 17.253.15.198, 17.253.57.200 Trying 17.253.122.197:443... Connected to app-site-association.cdn-apple.com (17.253.122.197) port 443 schannel: disabled automatic use of client certificate ALPN: curl offers http/1.1 ALPN: server accepted http/1.1 using HTTP/1.x GET /a/v1/ourdomain.com HTTP/1.1 Host: app-site-association.cdn-apple.com User-Agent: curl/8.9.1 Accept: / Request completely sent off schannel: remote party requests renegotiation schannel: renegotiating SSL/TLS connection schannel: SSL/TLS connection renegotiated < HTTP/1.1 404 Not Found < Apple-Failure-Details: {"cause":"context deadline exceeded (Client.Timeout exceeded while awaiting headers)"} < Apple-Failure-Reason: SWCERR00301 Timeout < Apple-From: https://ourdomain.com.tr/.well-known/apple-app-site-association < Apple-Try-Direct: true < Cache-Control: max-age=3600,public < Content-Length: 10 < Content-Type: text/plain; charset=utf-8 < Date: Mon, 14 Apr 2025 12:52:04 GMT < Expires: Mon, 14 Apr 2025 12:52:14 GMT < Age: 1770 < Via: http/1.1 uklon5-vp-vst-004.ts.apple.com (acdn/268.14469), https/1.1 uklon5-vp-vfe-002.ts.apple.com (acdn/268.14469), http/1.1 frmrs1-edge-mx-008.ts.apple.com (acdn/268.14469), http/1.1 frmrs1-edge-fx-005.ts.apple.com (acdn/268.14469) < X-Cache: hit-fresh, hit-stale, hit-fresh, hit-fresh < CDNUUID: 9e72cf99-1503-4644-9ea3-173328a25c94-31496306226 < Connection: keep-alive < Not Found Connection #0 to host app-site-association.cdn-apple.com left intact

We are planning to use our internal IdP (PingFederate) for authentication of end users in their iOS apps using ASWebAuthenticationSession. Initial tests are successful, but the user is prompted for every login (and logouts) with a consent dialogue box: “AppName” wants to use “internal domain-name” to Sign In This allows the app and website to share information about you. Cancel Continue” Let’s say that our top-level domain is “company.no”, where our IdP is placed at “idp.company.com”. I have seen examples where the Associated domains entitlement points to the idp as a webserver for serving the JSON output AASA file. In this case that would be: authsrv: idp.company.com Anyone with experience implementing this structure with the IdP as webserver for serving the JSON output? Our problem is that trying to use the IdP as webserver for this purpose is that it is very complicated to modify the IdP’s webserver configuration. Also, this modification needs to be re-done every time we need to upgrade the IdP. My question is therefore also related to the options of which webserver to install the AASA file on. Has anyone installed the file on a generic webserver on the toplevel domain like “webserver.company.com” ?

I have universal links configured for my iOS app which work as expected when the app is installed. When the app is not installed the universal link will go to the browser as expected. What I want to do is redirect to the app store, allow the user to install the app, then redirect them to the initial universal link. Redirecting them to the app store isn't the hard part I can achieve that from the webpage, however I don't know how to save a reference to that initial link to redirect them once they instal the app. What I want the flow to be for a user who doesn't have the app is: visit a universal link (example.com/UUID) redirect to the app store and install the app open the app and redirect to example.com/UUID I've seen some ways people are doing this with the clipboard but I don't love that solution, I also don't want to use a 3rd party service if I can avoid it - how are the 3rd party services making this happen?

I'm developing an iOS app that utilizes Universal Links and ASWebAuthenticationSession to deep-link from a website to the app itself. This implementation adheres to the recommendations outlined in RFC 8252, ensuring that the app opening the ASWebAuthenticationSession is the same app that is launched via the Universal Link. Problem: 　While most users can successfully launch the app via Universal Links,a few percent of users experience instances where the app fails to launch, and the user is redirected to the browser. What I've Tried: 　ASWebAuthenticationSession Configuration: I've double-checked the configuration of callbackURLScheme and presentationContextProvider. 　Universal Links: Verified the apple-app-site-association file and associated domains entitlement. 　Network Conditions: Tested on various network environments (Wi-Fi, cellular) and devices. Questions: 　What are the potential causes for this behavior? 　Has anyone else encountered a similar issue and found a solution? 　Are there any debugging techniques or ways to generate more detailed logs? I haven't been able to determine which device or OS version is causing this problem. Thank you.

We have an Angular web application which gets installed as a webclip on client iPads. The web application has buttons that will take the user directly to our native iOS application. We also would like a way for our webclip application when opened to perform some data lookups and if certain conditions are met, then take the user directly to our native iOS app. We're using vanilla JS window.open. This works well when the user manually taps button. However, this does not work when the webclip application tries to open the native iOS app without user interaction. In that case the window.open does nothing. The window.open target URL is the exact same in both cases. We tried using URL Schemes instead of Universal Links but with this the iPad displays a modal asking "Do you want to open ?". For our use case, this is unacceptable. Is there any way for us to skip this prompt? We'd like there to be no additional action needed from the user to be able to get from webclip to native iOS app beyond simply opening the webclip.

Dear Apple Support Team, I hope this message finds you well. I’m reaching out to inquire about the limitations of deferred deep linking within iOS applications. Specifically, I’m interested in understanding the constraints and challenges that prevent deferred deep links from functioning as expected in certain scenarios (e.g., when the app is not installed or other related issues). Additionally, I would like to ask if there are any recommended alternative approaches or solutions to implement deep linking, ensuring that users can still be directed to specific content or screens even if they need to install the app first. Your insights and guidance would be greatly appreciated as I work to enhance the user experience in my app. Thank you for your time and assistance. Best regards, Santosh

My ASA file is located here https://staging.docyt.com/apple-appsite-association It downloads fine. It does not have .json extension and neither does it reside inside the ./well-known folder. Should it work? Because opening the link https://staging.docyt.com/reset-password is not opening the app installed via TestFlight . Installing via XCode however works fine. Please help

Hello! I'm working with universal links in my app and have configured the /.well-known/apple-app-site-association file. Currently, I use the paths array in this file to define URL routing rules. However, I’m struggling to find up-to-date documentation on the pattern syntax supported by the paths field. "paths": [ "/page/*", "NOT /page/*/subpage" ] Could someone clarify: Is the paths array still officially supported, or is it deprecated in favor of the newer components dictionary (as referenced here https://developer.apple.com/documentation/bundleresources/applinks/details-swift.dictionary/components-swift.dictionary)? If paths is still valid, where can I find documentation for its pattern-matching capabilities? I want to ensure my implementation aligns with Apple’s current best practices. Thank you!