Deep Links API
Validate a domain's mobile deep-link configuration — the well-known files that make iOS Universal Links and Android App Links open your native app instead of a browser tab. Pass a domain and the service fetches and validates both the Apple App Site Association (apple-app-site-association — the applinks app IDs, path components and webcredentials) and the Android Digital Asset Links (assetlinks.json — each statement's relation, package name and SHA-256 certificate fingerprints), checking the /.well-known/ path with a legacy root fallback, and reports per-platform validity with concrete issues: missing applinks, a non-JSON content type, missing certificate fingerprints, or malformed structure. Single-platform endpoints check iOS or Android on their own. The request is made server-side and private/internal targets are refused (SSRF-guarded). Built for mobile-app onboarding, universal/app-link debugging, pre-release checklists and continuous monitoring. A deep-link configuration validator — distinct from DNS lookup (dns), the security.txt parser (securitytxt) and the SSL/TLS certificate check (sslcheck). No upstream key, no cache.
api.oanor.com/deeplinks-api
