Android applinks not working in released build but work correctly from a local install

Question

I have a game that is using applinks. The applinks work fine when running debug and release versions from my computer but don't work for the version downloaded from Google Play. With the Google Play version, I get a dialog asking which app should open the link.

I use "App Signing by Google Play" and understand that the release APK is signed by Google and has a different signature. I've added the SHA-256 certificate fingerprint from the app signing certificate listed on Google Play to my assetlinks.json so it contains the fingerprint from both the local and Google Play versions.

I've also downloaded a derived APK from Google Play and made sure that the fingerprint matches that in the assetlinks.json file.

Here's an example URL, that when clicked in Android should open the app, which it does for a local build, but not in the Google Play version. Instead, I get a dialog asking which app should open the link.

https://letsdraw.fun/ec?parent=Z0ibN7m-H8jO1jCiMRQtY23VTpKjnIch

I'm writing out the SHA256 fingerprint in logcat from the live release version to double check it's correct and it all looks fine.

The original signed APK and Google Play signed APK can be downloaded from here. Both of these APKs were downloaded from Google Play, one "original" and one "derived", so they should be identical apart from the signing. Interestingly, they're slightly different sizes. 11,590,297 bytes vs 11,601,619 bytes.

Looking at the output from adb shell dumpsys package domain-preferred-apps the original signed apk is

  Package: com.scribble.exquisitecorpse
  Domains: letsdraw.fun scribble-cloud.appspot.com scribble-cloud-v24-test-dot-scribble-cloud.appspot.com
  Status:  always : 200000000

Whereas the Google Play signed apk is

  Package: com.scribble.exquisitecorpse
  Domains: letsdraw.fun scribble-cloud.appspot.com scribble-cloud-v24-test-dot-scribble-cloud.appspot.com
  Status:  ask

When testing with the test page mentioned by @ymindstorm

https://developers.google.com/digital-asset-links/tools/generator

I get the message

Success! Host letsdraw.fun grants app deep linking to com.scribble.exquisitecorpse.

Do you have any suggestions as to what could be causing this?

Update: I've now reported this to Google as a bug, as I can't work out what's going on. https://issuetracker.google.com/issues/162564916

Answer 1

I got help from Google eventually... it wasn't a bug.

The build process was merging in the host from the network_security_config.xml file, so even though the AndroidManifest.xml file specified:

        <intent-filter android:autoVerify="true">
            <action android:name="android.intent.action.VIEW" />

            <category android:name="android.intent.category.DEFAULT" />
            <category android:name="android.intent.category.BROWSABLE" />

            <data android:host="letsdraw.fun" android:pathPrefix="/ec" android:scheme="https" />
            <data android:host="letsdraw.fun" android:pathPrefix="/restore" android:scheme="https" />
        </intent-filter>

The file from the build process specified other hosts too:

        <intent-filter
            android:autoVerify="true">

            <action
                android:name="android.intent.action.VIEW" />

            <category
                android:name="android.intent.category.DEFAULT" />

            <category
                android:name="android.intent.category.BROWSABLE" />

            <data
                android:scheme="http"
                android:host="scribble-cloud-v24-test-dot-scribble-cloud.appspot.com"
                android:pathPrefix="/ec" />

            <data
                android:scheme="https"
                android:host="scribble-cloud.appspot.com"
                android:pathPrefix="/ec" />

            <data
                android:scheme="https"
                android:host="letsdraw.fun"
                android:pathPrefix="/ec" />

            <data
                android:scheme="https"
                android:host="letsdraw.fun"
                android:pathPrefix="/restore" />
        </intent-filter>

On this page it states that

Only if the system finds a matching Digital Asset Links file for all hosts in the manifest does it then establish your app as the default handler for the specified URL patterns.

The problem was that my test host was not returning the same assetlinks.json file as the other hosts.

After building your APK, using IntelliJ or Android Studio go to Build | Analyze Apk and open the just built APK to check your hosts are all correct and the assetlinks.json file is returning the correct signatures.

Why is it merging the manifest file like this? Hopefully, we'll find out here!

Answer 2

The documentation states:

To enable link handling verification for your app, set android:autoVerify="true" in any one of the web URL intent filters in your app manifest that include the android.intent.action.VIEW intent action and android.intent.category.BROWSABLE intent category [...]

When android:autoVerify="true" is present on any one of your intent filters, installing your app on devices with Android 6.0 and higher causes the system to attempt to verify all hosts associated with the URLs in any of your app's intent filters. Verification involves the following:

The system inspects all intent filters that include:

• Action: android.intent.action.VIEW
• Categories: android.intent.category.BROWSABLE and android.intent.category.DEFAULT
• Data scheme: http or https For each unique host name found in the above intent filters, Android queries the corresponding websites for the Digital Asset Links file at https://<hostname>/.well-known/assetlinks.json.

Only if the system finds a matching Digital Asset Links file for all hosts in the manifest does it then establish your app as the default handler for the specified URL patterns.

So in order for you to skip the disambiguation dialog, you need to verify that you configured your app correctly and that the assetlinks.json is available at the correct location. From experience common pitfalls are:

• Forgetting the autoVerify
• Having multiple links declared in one statement and not having the correct association file present on EVERY domain
• Forgetting having granted development apps special permissions before
• Having more than one app installed which tries to register itself as the resolver of the link

You can use this handy tool to check if your configuration file is correct:

https://developers.google.com/digital-asset-links/tools/generator

Answer 3

For me, none of the above solutions seemed to work.

Every link was working fine while testing with local/signed apk, but things fell apart when I uploaded app on Play Store (.aab) All the links were getting redirected directly to web. I had double checked all the related files (Manifest, assetlinks.json) etc.

The actual issue in my case was ONE missing SHA value. I had to

1. Go to Play Console
2. Go to "Deep links" section under "Grow" category
3. Select the "Not working" (marked in red) link.
4. Copy the suggested code snippet
5. Replace it in my current assetlinks.json file