configure-digital-asset-links
Configure Digital Asset Links
Android uses a Digital Asset Links file named assetlinks.json to verify the association between your application and your website.
Find Your Package Name
You can find your application's package name in the app module's build.gradle.kts file under defaultConfig:
android {
defaultConfig {
applicationId = "<PACKAGE_NAME>"
}
}
Generate the SHA-256 Certificate Fingerprint
Use the keytool utility included with the Java Development Kit to retrieve the SHA-256 fingerprint of your application's signing certificate:
keytool -list -v \
-keystore KEYSTORE_PATH \
-alias KEYSTORE_ALIAS \
-storepass KEYSTORE_PASSWORD \
-keypass KEY_PASSWORD
Replace the following values:
KEYSTORE_PATHwith the path to your keystoreKEYSTORE_ALIASwith the signing-key aliasKEYSTORE_PASSWORDwith the keystore passwordKEY_PASSWORDwith the signing-key password
The command output includes the certificate's SHA-256 fingerprint.
For local development, you can use the default Android debug keystore with the following values:
KEYSTORE_ALIAS:androiddebugkeyKEYSTORE_PASSWORD:androidKEY_PASSWORD:android
Use a dedicated signing key for production applications. For applications distributed through Google Play, you can find the app-signing certificate fingerprint in the Google Play Console.
Register the Fingerprint
Register your application's SHA-256 certificate fingerprint in your LoginID application's FIDO2 section before continuing. For instructions, see Adding Android Fingerprint.
Host the assetlinks.json File
Create an assetlinks.json file containing your application's package name and SHA-256 certificate fingerprint:
[
{
"relation": [
"delegate_permission/common.get_login_creds"
],
"target": {
"namespace": "android_app",
"package_name": "<PACKAGE_NAME>",
"sha256_cert_fingerprints": [
"<SHA256_FINGERPRINT>"
]
}
}
]
Replace <PACKAGE_NAME> and <SHA256_FINGERPRINT> with your application's values.
Host the file at the following location:
https://<WEBSITE_DOMAIN>/.well-known/assetlinks.json
The file must be publicly accessible over HTTPS.
Declare the Association in Your Android Application
Add an asset_statements resource to res/values/strings.xml:
<resources>
<string name="asset_statements" translatable="false">
[{
\"include\": \"https://<WEBSITE_DOMAIN>/.well-known/assetlinks.json\"
}]
</string>
</resources>
Then add the corresponding <meta-data> element inside the <application> element of your AndroidManifest.xml file:
<manifest xmlns:android="http://schemas.android.com/apk/res/android">
<application>
<meta-data
android:name="asset_statements"
android:resource="@string/asset_statements" />
</application>
</manifest>