flutter - Can Android App Links work when assetlinks.json is only accessible via VPN? - Stack Overflow

I'm developing an Android application that uses App Links. For security reasons, the assetlinks.json file is hosted on a server that is only accessible via VPN. Although my test device can access the file when connected to the VPN, my app's App Links are not functioning as expected.

From what I've gathered, Android uses a Google proxy to fetch assetlinks.json for domain verification rather than connecting directly from the device. This means that even if my device has VPN access, the proxy won’t be able to retrieve the file because it’s not publicly accessible.

Is it possible for Android App Links to work if assetlinks.json is only available via VPN? What is the recommended approach for testing App Links in a VPN-restricted environment? Are there any workarounds? Any insights or alternative testing strategies would be greatly appreciated!

Thanks in advance for your help!

I'm developing an Android application that uses App Links. For security reasons, the assetlinks.json file is hosted on a server that is only accessible via VPN. Although my test device can access the file when connected to the VPN, my app's App Links are not functioning as expected.

From what I've gathered, Android uses a Google proxy to fetch assetlinks.json for domain verification rather than connecting directly from the device. This means that even if my device has VPN access, the proxy won’t be able to retrieve the file because it’s not publicly accessible.

Is it possible for Android App Links to work if assetlinks.json is only available via VPN? What is the recommended approach for testing App Links in a VPN-restricted environment? Are there any workarounds? Any insights or alternative testing strategies would be greatly appreciated!

Thanks in advance for your help!

• android
• flutter
• applinks

Share Improve this question Follow asked Feb 11 at 11:26 Daniel BrunnerDaniel Brunner 8388 bronze badges 2

• Does your server meet the criteria that the requests for assetlinks.json result in an HTTP 200 response (i.e. no redirects or such), and that its certificate chain is verifiable (i.e. not self-signed)? – Michael Commented Feb 11 at 13:38
• Yes it does, No redirects and i get a 200 respsonse on the file – Daniel Brunner Commented Feb 12 at 14:21

Add a comment  | 

1 Answer 1

Sorted by: Reset to default 0

Devices with an Androidversion of 12+ go through a Google proxy API to verify domains, meaning that a VPN will not allow access to fetch the assetlinks.json. (source: https://issuetracker.google/issues/239724946). Workaround for testing environment is to use "adb shell pm set-app-links --package ".