Open in app

Sign in

Write

Sign in

The deep links crash course, Part 1: Introduction to deep links

“What can you do with deep links?”

Sabs
Android Developers

--

Welcome to our deep links crash course. Over a series of 4 blog posts, we introduce you to deep links, show you how to create and test them, provide you with troubleshooting tips, and look at how deep links can help your business.

In this article, we look at what a link is, introduce the deep link types, and discuss some security issues.

If you’re short of time and want a quick summary, check out the companion video on YouTube.

Introduction

If you haven’t come across deep links before, you’ll undoubtedly have questions, like “What can I do with deep links?”, “Who are deep links for?”, “What is a link?”, and “What is a deep link?”.

Let’s start by answering the first 2 questions: “What can I do with deep links?” and “Who are deep links for?” We can answer these questions together: deep links are about getting people to the content they want to see.

If people don’t get to your content easily, they might stop using your app and move on to another one. Therefore, providing a good user experience is critical when working with deep links.

Now you know what deep links are for, let’s move on to the next question and start exploring what links are. To help with this, we use an app called Droidfood to showcase examples of deep links code. Droidfood is an app where users order their favorite food.

So …

What is a link?

There are many ways to define a link. For our purposes, we’ll are using this one:

“A link is a sequence of characters that takes us somewhere.”

For example, a link that takes people to the location section of the Droidfood app website might look like this:

https://droidfood.example.com/locations

This link is made up of:

  • The scheme, in this case, “https:”, which identifies the link type. Here, the link is part of the secure hypertext transfer protocol.
  • The authority and hostname, in this case, “droidfood.example.com”, which tells us the main place, or domain, the link is going to. It is expressed in a hierarchical form, from the top-level domain to the subdomains.
  • The path, in this case, “/locations”; which is the location of the resource at the authority or domain.

What is a deep link?

To answer this question, we need to expand on our previous definition by adding a bit more detail:

“A link is a sequence of characters that takes us somewhere, which could be an Android app or any other resource on the internet.”

Any link into an Android app can be a deep link.

There are, however, different types of deep links., and each deep link type is a special case of another type, as this diagram shows:

Image that describes the 3 main deep link types

Deep Links

Image that describes the 3 main deep link types and deep links is highlighted

Deep links have the least specific rules about their creation. Here are two deep link examples from the Droidfood app. The first takes people to a list of the locations, and the second to the restaurants that are near the user:

https://droidfood.example.com/locations

droidfood://near-me

The rules for creating one of these deep links are:

  • The scheme can be a well-defined one — such as https, mail, or sms — or a custom one.
  • The authority should be a domain structure so it’s easy to identify.
  • The path can be used to pass parameters to your app and send users to a particular screen in your app.

A custom scheme for deep links can help users effectively reach your in-app content. However, deep links don’t have a centralized ownership registry, so any app can sign up to handle a particular deep link. When Android finds that more than one app has signed up to handle a link, the disambiguation dialog appears when the user follows that deep link.

Android screenshot of the disambiguation dialog where the app options are Chrome and Maps

Before Android 12, the disambiguation dialog appeared when:

  • Your app defines an Android App Link (we review this type of link later), but the link could not be verified.
  • An app update caused a user’s “always open” request to be revoked.

There are schemes that allow you to start an activity in an app using one of Android’s intents. These schemes cover features such as:

  • “tel” for phone
  • “file” for music or video
  • “mailto” for email
  • “geo” for maps
  • “sms” for messaging
Different builtin intents: from left to right and top to bottom: geo, sms, content, tel, http, file, mms

One of the most common ways to use deep links is to help navigate the user to an activity. In the Droidfood app, there are 3 activities:

  • LocationsActivity
  • DeliveryOptionsActivity
  • AboutUsActivity

All three of these activities work in the same way, to see how, let’s take a closer look at taking people to the location activity. Here the deep link example works just fine (except for the possible appearance of the disambiguation dialog.)

When the user clicks on this link:

droidfood://locations

They are taken into the location activity.

Navigation is an interesting topic and very useful with deep links. We discuss navigation in a blog post later in this series. You might also like to watch the Navigation: Deep links — MAD Skills video. This video shows how to navigate to deep links with Jetpack Navigation.

Web Links

Image that describes the 3 main deep link types and web links is highlighted

These links inherit all of the characteristics of deep links, although they follow more specific syntax rules. Web links also look like any other link on the internet. Here is one for the Droidfood app:

https://droidfood.example.com/about-us

This link takes people to the page that tells them more about Droidfood’s mission and story.

For the system to handle a web link correctly, it must be configured like this:

  • The scheme component must be http or https.
  • The authority component is your web host name and needs to be reachable on the internet.
  • The path is optional and depends on how you’ve configured your website.

Starting from Android 12, all web links open in the browser unless an association between your website and Android app has been configured. This association is the basis for Android App Links. More details about this change can be found in the Android 12 behavior changes documentation.

Starting from Android 12, all web links that aren’t associated with your Android app are opened in a browser.

If there is an association between the web link and Android app and the app is installed, the link opens in the app. The link opens in the browser If the app is not installed.

In previous Android versions, the disambiguation dialog may appear if there are multiple handlers for the web link, such as other browsers or apps.

Android screenshot of the disambiguation dialog where the app options are Droidfood and Chrome

Android App Links

Image that describes the 3 main deep link types and Android App Links is highlighted

This is the most specialized type of deep link and has the most stringent rules. Android App Links are web links that involve more configuration steps. This process verifies the ownership of the link. Every time a user follows an Android App Link that has been verified, it will always open in your app, and the disambiguation dialog does not appear.

So, once verified, https://droidfood.example.com/locations always opens in the Droidfood app and lists restaurant locations.

The rules for creating an Android App Link are:

  • The scheme, as with web links, must be http or https
  • The authority and path, similar to those you provided for web links, must reflect your web host name and be reachable on the internet.
Image that describes the association between the website and the Android app

The extra configuration requires these details:

  • An “autoVerify” attribute set to true in your app’s intent filter, which lets your app be the default handler for a type of link.
  • Declare an Association between a page on your website and your Android app. This takes the form of a JSON file called “assetlinks.json” that must be accessible publicly through the “.well-known” directory under your website’s root directory.

Also, it is worth noting that you must ensure your website responds to the link so that users without your app end up on the correct page.

So, why would you want to use an Android App Link compared to any other type of link? Let’s explore a couple of situations where they are useful.

Link sharing

Let’s say you want to invite a friend to lunch, and they are curious about the menu at your chosen restaurant. With an Android App Link implemented, you share the Droidfood link. If your friend has the app installed, the link takes them to the menu in the app; otherwise, they’re taken to the Droidfood website.

This is a common scenario for all Android App Links and offers the best user experience.

Path parameter parsing

Droidfood wants to share a coupon code for 15% percent off the dinner delivery menu. (That’s a good deal!) In this case, Droidfood shares a link with its customers so that the app automatically applies the coupon at checkout.

The link might take this form-

https://droidfood.example.com/delivery?code=15off

A query is optional in deep links, and this is a good use case for including one. Every time a user clicks on the link, they are redirected to the Droidfood app. Droidfood’s logic receives the code parameter and can apply it to check out. This is a good use case for including a query.

A few security notes

Android App Link verification

Before Android 12, if you have a link that failed verification, the disambiguation dialog appears for all of your links. This means that other apps can add those links to their manifest, leaving your users open to risk.

For example, assume https://droidfood.example.com is not verified. Then a malicious app could add this link to the manifest, and the user could see both apps in the disambiguation dialog.

Gif that shows the disambiguation dialog, the options are Droidfood and malicious apps

To mitigate the risk, verify all your web links. See Verify Android App Links for more information on how to verify your links.

Sensitive information

Be careful when generating links with sensitive information. If you need to include sensitive information in URLs, consider using server-generated opaque tokens that can be invalidated when they are no longer needed. For example,

https://droidfood.example.com/login?token=tDsZE6rk1cwFPVDTCqkGbA

Link interception

Users can change the link-handling behavior on their devices, which means links can be intercepted by other apps or browsers. People can also copy and paste links anywhere, design your deep links with this in mind. Links you want to open in your Android app might still open in a browser or a different app chosen by the user.

Actions with side effects

Links are a great way to help users complete an action, but you need to make sure users are not tricked into performing an unexpected action. For example, you can create a link to “Add a Tip” that opens the tipping screen in your app, but the app should not submit the payment until the user confirms the tip in the app.

What’s next

Hopefully, you now have an understanding of deep links, what they are, what they are used for, and how to include them in your app,

In the next article, we take a closer look at implementing deep links. The third installment discusses common problems with deep links and how to fix them. Then, in the final article, we look at how deep links can help your business with user conversion.

Happy linking

Deep Links
Android
App Links
Android App Links

--

--

Sabs
Android Developers

Written by Sabs

197 Followers
Writer for

Developer Relations Engineer at Google

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams