Deep Linking

Last updated: Jun 15, 2026

Deep Linking allows your app to open automatically when a user taps a link to your website — in a browser, in an email, in WhatsApp, or anywhere else. Instead of the link opening in a browser, the OS detects that your app is installed and launches it directly, taking the user straight to the relevant content.

If the app is not installed, the link opens normally in the browser.

How It Works

  1. A user taps a link to your website (e.g., https://example.com/product/42).
  2. The OS checks whether an app is registered for that domain.
  3. If your app is installed and configured correctly, it opens and loads the URL.
  4. If the app is not installed, the browser opens the URL instead.

For this to work, both your app settings and your website server must be configured correctly.

Configuration

Scheme

Enter your website's protocol — the part before ://.

  • Use https (strongly recommended)
  • Do not include ://

For a website at https://example.com, enter: https

Host

Enter your domain name only — no protocol, no slashes.

For https://example.com, enter: example.com

If your site redirects between www and non-www, enter the version the browser settles on. For example, if example.com always redirects to www.example.com, enter www.example.com.

Developer Team ID (iOS Only)

Your Apple Developer Team ID, found in your Apple Developer account under Membership. It consists of uppercase letters and numbers, up to 15 characters.

Site Validation Files

After configuring the fields above, download the validation files and upload them to your web server. These files prove to the OS that your app is officially linked to your domain.

Android — assetlinks.json

  1. Download the assetlinks.json file from the Appilix dashboard.
  2. Upload it to your server at exactly this path:

https://example.com/.well-known/assetlinks.json

iOS — apple-app-site-association

  1. Download the apple-app-site-association file from the Appilix dashboard.
  2. Upload it to your server at exactly this path:

https://example.com/.well-known/apple-app-site-association
Important: Do not rename the files. The .well-known/ directory must exist on your server and be publicly accessible without authentication. HTTPS is required for both files to be recognized by the OS.

After Publishing to Google Play Store

When you publish your app to Google Play, Google automatically re-signs your APK with its own certificate through Google Play App Signing (enabled by default for all new apps). This means the SHA-256 fingerprint Google uses is different from the one in the assetlinks.json file you downloaded from Appilix.

If you don't update the file, deep links will work on directly installed APKs but will silently fail for anyone who installs your app from the Play Store.

How to Fix It

  1. Open Google Play Console and select your app.
  2. In the left sidebar, go to Protected with Play.
  3. Under Play Store protection, click Manage Play app signing.
  4. Find the SHA-256 certificate fingerprint listed under App signing key certificate.
  5. Copy that fingerprint.
  6. Open your assetlinks.json file and add it as a second entry in the sha256_cert_fingerprints array:

json
[
  {
    "relation": ["delegate_permission/common.handle_all_urls"],
    "target": {
      "namespace": "android_app",
      "package_name": "com.your.package",
      "sha256_cert_fingerprints": [
        "AA:BB:CC:...",
        "XX:YY:ZZ:..."
      ]
    }
  }
]

The first fingerprint is the original one from Appilix (your upload key). The second is the one from Google Play Console (Google's signing key). Keep both so deep links work whether the app is installed from the Play Store or sideloaded via APK.

  1. Re-upload the updated assetlinks.json to your server at .well-known/assetlinks.json.
Note: You only need to do this once. The Google Play signing certificate never changes for your app.

Checklist

Before publishing your app, verify the following:

  • Scheme is set to https
  • Host contains only the domain (with www if applicable), no slashes or protocol
  • Apple Team ID is entered (iOS only)
  • Validation files are uploaded to the correct paths
  • Both files are publicly accessible in a browser

After publishing to Google Play:

  • SHA-256 fingerprint from Google Play Console added to assetlinks.json
  • Updated assetlinks.json re-uploaded to your server

Once everything is in place, deep links will work automatically after the app is installed.