Overview
This article will explain how to resolve instances where an iOS application does not recognize an Auth0-associated domain. The error associated with this issue looks like this:
Error Domain=com.apple.AuthenticationServices.WebAuthenticationSession Code=1 “Application with identifier [IDENTIFIER] is not associated with domain DOMAIN.us.auth0.com. Using HTTPS callbacks requires Associated Domains using the webcredentials
service type for DOMAIN.us.auth0.com.” UserInfo={NSLocalizedFailureReason=Application with identifier [IDENTIFIER] is not associated with domain DOMAIN.us.auth0.com. Using HTTPS callbacks requires Associated Domains using the webcredentials
service type for DOMAIN.us.auth0.com.}
Applies To
- iOS
- Associated Domains
- Swift
Cause
There are three potential causes for this error.
- If the issue seems to happen only when attempting a login or registration quickly after a fresh install of the app:
- An Apple engineer has acknowledged the existence of an iOS bug regarding verifying the Associated Domain.
- If the user waits a few seconds, the issue does not happen:
- This is likely caused by a configuration or setup issue.
- If an older SDK is used, where the application identifier can be different from the team identifier in the .entitlements file. This file is automatically created or modified by Xcode when a capability is enabled.
Solution
If the issue is the iOS bug, an Apple engineer has acknowledged the existence of an iOS bug regarding the verification of the Associated Domain. It should be fixed on iOS 18. See Bug: AASA file not fetched on app … | Apple Developer Forums
Please see if updating to iOS 18 solves your issue.
If the issue is a suspected configuration or setup problem, please verify the following:
- Correctly set up the Associated Domain as described in GitHub - auth0/Auth0.swift: Auth0 SDK for Apple platforms
- If using a custom domain, ensure it is correctly set up, both in the Auth0 dashboard and in the SDK configuration or setup.
- If able to get it to work using the Auth0.swift sample app, as it has been verified to work during the development of Auth0.swift 2.6.0. it is very likely to be either a configuration/setup issue, or the caching/Xcode debugging issue described in this Github issue.
If the application identifier at the top of the entitlements file for the published application is different from the team identifier:
- Update the Team ID in the tenant settings to the application identifier in the entitlements file:
- Go to the Settings page of the Auth0 application.
- Scroll to the end, and open Advanced Settings > Device Settings.
- In the iOS section, set Team ID to the application identifier found in the entitlements file, and App ID to the application’s bundle identifier.
- Wait for the Apple Content Delivery Network (CDN) to pick up these changes. According to Apple’s official documentation: “Apple’s content delivery network requests the apple-app-site-association file for your domain within 24 hours. Devices check for updates approximately once per week after app installation.”
- Log in again on a real device.
After verifying all of the above, please confirm if the issue persists.