Hi There, I have a question related to the security of the deeplinks, I understand that in the associated domains is handled a JSON with the relationship of the bundles that are allowed to redirect. but I want to validate , if there is no way for a clone app to add these assosiated domains and allow a deeplink to open your malicious app.

Hello, good morning, I have a problem with the vendor identifier UUID, basically every time I install the app is debug, testfligth or prod is creating me a new id, this generates a problem when sending notifications from the backend because we link the id with the token of the push and this makes the push is sent repeatedly. Is it possible to use the UUID (even if apple doesn't like it) ?