Home Blog App Links Setup: The Complete Guide for Android Apps

App Links Setup: The Complete Guide for Android Apps

App Links setup is one of the most impactful technical decisions you can make when building or maintaining an Android application. Done correctly, it allows users to open URLs directly inside your app – without the friction of a browser redirect or a disambiguation dialog. Done poorly, it silently fails and costs you conversions you never even knew you were losing.

This guide walks through the complete App Links setup process for Android, from the underlying mechanics to the exact configuration steps, common pitfalls, and real-world recommendations for SMB decision-makers who need reliable, production-ready deep linking.


Android App Links are a verified form of deep linking introduced in Android 6.0 (Marshmallow, API level 23). Unlike standard deep links that use custom URI schemes (e.g., `myapp://`), App Links use standard HTTPS URLs and require domain ownership verification by Google. When verified, Android opens the link directly in your app – no browser, no user prompt.

This matters for your business because:

According to Google's official Android documentation, verified App Links eliminate the disambiguation dialog entirely, giving your app a clear competitive UX advantage over unverified competitors.


Before diving into the App Links setup steps, it is important to understand the verification mechanism. Android uses a system called Digital Asset Links to confirm that a domain authorizes a specific app to handle its URLs.

The Verification Flow

1. The developer declares intent filters in `AndroidManifest.xml` with `autoVerify="true"`

2. Android downloads the `assetlinks.json` file from the declared domain

3. The file is validated against the app's package name and SHA-256 certificate fingerprint

4. If validation succeeds, the app is registered as a verified handler for that domain

5. All matching HTTPS URLs open directly in the app

This verification happens at install time and is repeated periodically. If your `assetlinks.json` file is missing, misconfigured, or unreachable at install time, verification silently fails – and users see the disambiguation dialog or land in the browser instead.


Step 1: Configure Intent Filters in AndroidManifest.xml

Open your app's `AndroidManifest.xml` and add the correct intent filter to the activity that should handle the link. The critical attributes are:

xml
<activity android:name=".MainActivity">
    <intent-filter android:autoVerify="true">
        <action android:name="android.intent.action.VIEW" />
        <category android:name="android.intent.category.DEFAULT" />
        <category android:name="android.intent.category.BROWSABLE" />
        <data android:scheme="https"
              android:host="www.yourcompany.com" />
    </intent-filter>
</activity>

Important: Include both `www.yourcompany.com` and `yourcompany.com` as separate `<data>` entries if users may access either. A mismatch here is the single most common cause of failed verification.

Step 2: Create and Host the assetlinks.json File

The `assetlinks.json` file must be hosted at:

https://www.yourcompany.com/.well-known/assetlinks.json

The file content follows this structure:

json
[{
  "relation": ["delegate_permission/common.handle_all_urls"],
  "target": {
    "namespace": "android_app",
    "package_name": "com.yourcompany.app",
    "sha256_cert_fingerprints": [
      "AA:BB:CC:DD:EE:FF:..."
    ]
  }
}]

Key requirements for this file:

Step 3: Retrieve Your SHA-256 Certificate Fingerprint

Your fingerprint depends on how you sign your app:

Pro tip for teams using Google Play App Signing: You need the SHA-256 from the Play Console, not from your local keystore. Using the wrong fingerprint is the second most common cause of failed verification.

Step 4: Validate Your Configuration

Use the Google Digital Asset Links API to confirm your file is readable and correctly structured before submitting to the store.

You can also test locally using ADB:

bash
adb shell am start -a android.intent.action.VIEW \
  -c android.intent.category.BROWSABLE \
  -d "https://www.yourcompany.com/product/123"

If the link opens your app directly without a chooser dialog, your App Links setup is working correctly.


Even experienced Android developers encounter problems during App Links setup. Here are the most frequently encountered issues:


SMBs operating with staging, QA, and production environments face a specific challenge: each environment typically has its own domain and signing certificate. This means you need separate `assetlinks.json` configurations for each.

1. Use productFlavors in your `build.gradle` to define environment-specific package names (e.g., `com.yourcompany.app.staging`)

2. Host separate `assetlinks.json` files on each domain

3. Register separate intent filters per flavor, pointing to the correct environment domain

4. Test verification independently for each environment before promoting a build

This prevents production verification from breaking when staging certificates are updated – a surprisingly common incident in continuous delivery pipelines.


If your team ships both Android and iOS apps, you are managing two parallel verification systems:

| Feature | Android App Links | iOS Universal Links |

|---|---|---|

| Verification file | `assetlinks.json` | `apple-app-site-association` |

| File location | `/.well-known/assetlinks.json` | `/.well-known/apple-app-site-association` |

| Scheme required | HTTPS only | HTTPS only |

| Verification trigger | App install | App install |

| Dialog-free opening | Yes (verified) | Yes (verified) |

Both files live under the same `/.well-known/` directory, so a single well-configured web server can serve both. Coordinate your server team early in the App Links setup process to avoid last-minute deployment conflicts.


Implementing App Links without measuring their performance is a missed opportunity. Connect your App Links to analytics to track:

Typically, teams that correctly implement and verify App Links see 15–30% improvements in conversion rates on campaign landing pages compared to unverified deep link setups. The exact figure depends on your audience's device mix and the nature of the user action.


App Links setup is straightforward in concept but has many failure modes that are difficult to diagnose without proper tooling and experience. Consider bringing in external expertise when:

A structured technical review of your `AndroidManifest.xml`, `assetlinks.json` configuration, and server setup can identify and resolve issues in hours rather than weeks of trial-and-error debugging.

For more technical insights on mobile development and related topics, visit the Pilecode blog.


Use this checklist before going live:


A correctly configured App Links setup is not just a technical checkbox – it is a direct driver of user experience quality and campaign ROI. By verifying domain ownership through `assetlinks.json`, declaring precise intent filters, and testing rigorously across environments, you give your users a seamless path from any digital touchpoint into your Android app.

The investment is modest. The return – in reduced friction, higher conversions, and more reliable marketing attribution – is substantial. Start with a clean manifest configuration, host your verification file correctly, and test before every production release.

If your team needs support implementing or auditing your Android App Links setup, the experts at Pilecode are ready to help.

Schedule a free initial consultation →


Have questions about this topic? Get in Touch.