development

Domain Verification

The process by which Apple and Google confirm that a developer owns a web domain and is authorized to have their app handle URLs from that domain.

aasa digital asset links universal links

Domain verification establishes a trusted link between your web domain and your mobile app. It prevents unauthorized apps from intercepting URLs intended for your app and is required for Universal Links, App Links, App Clips, and Instant Apps.

How Verification Works

Apple (iOS): You host an AASA file at https://yourdomain.com/.well-known/apple-app-site-association containing your app’s Team ID and bundle identifier. Apple’s CDN fetches and caches this file. Your app declares the domain in its Associated Domains entitlement. When both sides match, verification succeeds.

Google (Android): You host an assetlinks.json file at https://yourdomain.com/.well-known/assetlinks.json containing your app’s package name and signing certificate fingerprint. Android verifies at install time and when links are opened.

Why It Matters

Without domain verification:

  • URLs open in the browser instead of your app
  • App Clips and Instant Apps cannot be invoked from your domain
  • Deep links fall back to web behavior
  • Your app cannot participate in Handoff or password autofill

Debugging Verification

Common verification failures and solutions:

  • File not accessible: Ensure no redirects, authentication, or firewall blocks the .well-known path
  • Wrong identifiers: Team ID, bundle ID, or certificate fingerprint must match exactly
  • Caching delay: Apple’s CDN takes up to 24 hours to reflect changes
  • HTTPS required: Both platforms require a valid SSL certificate