Set up App Links

Android App Links are a Beta feature. Functionality is subject to change as Trustly continues to make improvements. To enable this feature or request assistance, contact Trustly Support.

Android App Links allow seamless integration between your website and your Android application. By using standard HTTP or HTTPS links, you ensure that users are directed to specific content within your app without the need for browser redirects or system prompts.

Unlike custom URL schemes, App Links provide a reliable fallback strategy: if the application is not installed, the link functions as a standard web link and directs the user to your site. This guarantees the link resolves to the correct content, regardless of whether the app is installed.

Android recommends App Links as the primary method for deep linking due to their security and usability advantages over legacy URL schemes.

The following table compares the features and behavior of App Links versus custom URL schemes.

Feature	Android App Links	Custom URL Schemes
User Experience	Opens the app directly. If the app is missing, it opens the web URL.	If the app is installed, it opens the app. If the app is missing, the browser often displays an error.
Verification	Links are associated with your domain using the Digital Asset Links file, preventing other apps from intercepting them.	Any app can declare the same scheme (such as `myapp://`), leading to collisions.
Protocol	Uses standard web URLs HTTP/HTTPS.	Requires non-standard schemes. For example, `myapp://`.

Define the digital asset links

To enable App Links, you must create a JSON file named assetlinks.json. This file defines the relationship between your website and your application. Host the file at the following location: https://yourdomain.com/.well-known/assetlinks.json.

Ensure your server meets the configuration requirements:

The file must be served over HTTPS.
The file must be served with the Content-Type header set to application/json.

The following example demonstrates how to configure your package namespace and signing fingerprint.

1 [
2   {
3     "relation": [
4       "delegate_permission/common.handle_all_urls"
5     ],
6     "target": {
7       "namespace": "android_app",
8       "package_name": "com.yourcompany.yourapp",
9       "sha256_cert_fingerprints": [
10         "4A:34:B4:72:DE:F7:..."
11       ]
12     }
13   }
14 ]

Obtaining the SHA-256 Fingerprint
You can retrieve your signing key fingerprint using the keytool command line utility. Alternatively, in Android Studio, navigate to the Gradle tab and run the signingReport task.

Configuration reference

The following table describes the keys used to configure the assetlinks.json file.

Key	Description
`relation`	A list of permissions being granted. Use `delegate_permission/common.handle_all_urls` to handle deep links.
`namespace`	The namespace of your application. Usually `android_app`.
`package_name`	The unique application ID defined in your `build.gradle` file.
`sha256_cert_fingerprints`	The SHA-256 fingerprint of your app’s signing certificate.

Verify your configuration

Run the following command in your terminal to confirm your server is returning the correct Content-Type (it must be application/json):

$ curl -I https://yourdomain.com/.well-known/assetlinks.json

The response headers should include Content-Type: application/json.

Configure the manifest

To handle the links, you must configure an intent filter in your AndroidManifest.xml file. This tells the Android system which URLs your app can handle.

Add the autoVerify="true" attribute to the intent filter. This instructs Android to verify the domain ownership by checking the assetlinks.json file upon installation. For example:

1 <activity
2     android:name=".MainActivity"
3     android:exported="true"> 
4     
5     <intent-filter android:autoVerify="true">
6         <action android:name="android.intent.action.VIEW" />
7         <category android:name="android.intent.category.DEFAULT" />
8         <category android:name="android.intent.category.BROWSABLE" />
9         
10         <data android:scheme="https" />
11         <data android:host="your-domain.com" />
12         <data android:pathPrefix="/products" />
13         <data android:pathPattern="/profile" />
14     </intent-filter>
15     
16 </activity>

Handle incoming links

Android delivers the App Link to your Activity using an Intent. You must check for this Intent in both onCreate (for when the app starts) and onNewIntent (for when the app is already running).

The following example demonstrates how to extract the data from the Intent and route the user to the correct content.

1 import android.content.Intent
2 import android.net.Uri
3 import androidx.appcompat.app.AppCompatActivity
4 import android.os.Bundle
5 
6 class MainActivity : AppCompatActivity() {
7 
8     override fun onCreate(savedInstanceState: Bundle?) {
9         super.onCreate(savedInstanceState)
10         setContentView(R.layout.activity_main)
11 
12         // Check the initial Intent when the app launches
13         handleIntent(intent)
14     }
15 
16     override fun onNewIntent(intent: Intent?) {
17         super.onNewIntent(intent)
18         // Check the Intent if the Activity is already running
19         handleIntent(intent)
20         setIntent(intent) 
21     }
22 
23     private fun handleIntent(intent: Intent?) {
24         if (intent?.action == Intent.ACTION_VIEW) {
25             intent.data?.let { uri ->
26                 handleDeepLink(uri)
27             }
28         }
29     }
30 
31     private fun handleDeepLink(appUri: Uri) {
32         println("Incoming App Link URI: $appUri")
33 
34         // 1. Extract path and parameters
35         val path = appUri.path 
36         
37         // 2. Route the user to the correct content
38         if (path?.startsWith("/products") == true) {
39             val productId = appUri.getQueryParameter("id") 
40             
41             if (productId != null) {
42                 navigateToProductDetail(productId) 
43             }
44         } else if (path == "/profile") {
45             navigateToProfile()
46         } 
47     }
48 
49     // Example navigation functions
50     private fun navigateToProductDetail(id: String) {
51         println("Navigating to product view for ID: $id")
52     }
53 
54     private fun navigateToProfile() {
55         println("Navigating to Profile View")
56     }
57 }

Configure your deep link strategy (optional)

Android App Links function without a fallback. However, Trustly recommends having a default deep link strategy configured for your merchant account. This ensures your application has a consistent fallback behavior if a strategy isn’t explicitly provided within the establishData object in your code.

Any settings passed within the establishData object in your code override the default configurations stored in your Trustly account profile.

Because this setup requires internal configuration, you’ll need to contact your Customer Success Manager (CSM) or Trustly Support to enable this fallback for your account.

When you submit your request, you must provide the following information:

Deep link strategy: Specify universal-link. Trustly uses this unified backend term for both iOS Universal Links and Android App Links.
Universal Link: Provide your fully qualified domain (for example, https://yourdomain.com/).