Universal Links (HTTPS Deep Links) on iOS and Android
Set up Apple App Site Association and Android App Links files on your web server, configure entitlements and intent filters in the app, and verify end-to-end deep linking.
Why Universal Links Over Custom Schemes
Universal links use real HTTPS URLs to open your app. When a user taps https://myapp.com/profile/123, iOS or Android checks if your app is installed and capable of handling that URL domain. If yes, it opens your app directly — otherwise it falls back to the website in the browser.
This solves two problems with custom schemes: (1) fallback — if your app isn't installed, the user still sees a working web page; (2) security — only your app can claim your domain because the OS verifies ownership through server-hosted files.
How Universal Links Work
When your app is installed, both iOS and Android download a verification file from your server to confirm that your app is authorized to handle URLs on your domain. This verification happens once at install time (and periodically thereafter). The files are served at well-known URLs on your HTTPS domain.
When a user taps an HTTPS link to your domain, the OS checks its cached verification and routes to your app instead of Safari/Chrome — no browser, no redirect, instant in-app navigation.
// iOS: https://myapp.com/.well-known/apple-app-site-association
// Android: https://myapp.com/.well-known/assetlinks.json
// Both files must be:
// - Served over HTTPS
// - Accessible without redirects
// - Correct Content-Type
// - Cached but refreshableAll lessons in this course
- Configuring Custom URL Schemes
- Linking API and URL Parsing
- React Navigation Deep Link Configuration
- Universal Links (HTTPS Deep Links) on iOS and Android