We’re trying to get Passkeys to work with iOS and macOS Catalyst. Apple fails to accept the associated domain, without giving a reason why. The JSON is correct and shows up on Apple’s CDN. We are stuck.
Apple fails to accept associated domain
Here's our configuration.
webcredentials:ourdomain.tld?mode=developer
https://ourdomain.tld/.well-known/apple-app-site-association { "webcredentials": { "apps": [ "XXXXXXXXXX.our-app-bundle-id" ] } }
Things we double-checked:
- Tried the Xcode configration with and without ?mode=developer
- The SSL certificate on our server is valid
- There are no HTTP redirects
- The reponse's Content-Type is application/json
- Apple's CDN returns the correct JSON file
- The JSON is valid
- 'sudo swcutil verify -d ourdomain.tld' returns the correct entry for the App ID
- There is no typo in the App ID, it's identical to to what the system is mentioning in the error message.
Update: It's now working in iOS on device (no clear understanding why it failed before – we didn't change a thing).
It still fails in Mac Catalyst with the error Application with identifier <...> is not associated with domain <...>
Disappointed by Apple Technical Support here: no response, no help, just silence. 😕
Update 2: After updating the System to macOS 15.0.1, it works in Mac Catalyst too.
No changes in code or configuration.
I'm worried it might break in production without us knowing why. Not great.
Hi @FaWAppleDev,
If the issue were to reproduce in the future, please submit a bug report via Feedback Assistant. Then, attach a sysdiagnose log from the affected devices for iOS and Mac Catalyst along with the link to the AASA file.
Once submitted, you can include your Feedback ID with your posts so we can begin our investigation into the reported issue immediately.
Please see the following resource for tips on filing bugs reports:
How to file great bug reports
https://developer.apple.com/news/?id=vvrgkboh
Cheers,
Paris X Pinkney | WWDR | DTS Engineer