The issue is about Passkeys.
When the website (RP) is not using the default https port (443), the relyingPartyIdentifier for ASAuthorizationPlatformPublicKeyCredentialProvider(relyingPartyIdentifier: "example.com") needs to contain the port number, otherwise it returns Application is not associated with the domain.
That is incorrect behavior, the RP ID should not contain a port number. In WebAuthn sepc. (https://www.w3.org/TR/webauthn-2/#relying-party-identifier), it mentioned that a relying party identifier is a valid domain string. The definition of valid domain string doesn't contain a port number. (https://url.spec.whatwg.org/#valid-domain)