I’m trying to get native notifications working for a TWA of my self-hosted Discourse site and have run into a very strange “soft fail” with the Digital Asset Link verification.
Here are the exact symptoms:
-
The app launches and runs full-screen without the URL bar, which suggests the asset link is partially working.
-
However, a “Running in Chrome” toast message appears on every launch.
-
Most importantly, when the PWA requests notification permission, it shows the browser-style prompt, not the native Android dialog. This proves that native API delegation is failing.
This behavior is consistent on all test devices (Android 12 & 13) and with APKs generated by both Bubblewrap and Microsoft’s PWABuilder.
After extensive debugging, I have confirmed that my entire client-side and public-facing server configuration appears to be perfect. The issue seems to be a subtle server-side problem that only affects the Android validator.
Here is what I have already verified:
-
Signing Key &
assetlinks.json: Myandroid.keystoreSHA-256 fingerprint is a 100% exact match with the fingerprint in my live/.well-known/assetlinks.jsonfile. -
Server Response: My server serves the
assetlinks.jsonURL with a200 OKstatus, the correctapplication/jsonContent-Type, and no blocking CORS headers when checked with standard web tools. -
Android App Config: The generated
AndroidManifest.xmlis correct and contains the standardcom.google.androidbrowserhelper.trusted.DelegationService. -
Discourse Admin Settings: My admin security settings for
cors originsandAllowed crawler user agentsare both empty.
Given this specific “soft fail” behavior, my question is:
Is there a known Nginx rule, firewall setting, or a subtle server response issue (like a slight delay or a non-standard header) in the default Discourse self-hosted setup that would cause the Android validator to grant a “partial trust” (allowing the full-screen UI) but deny the higher level of trust required for native API delegation?
I am at the end of what can be diagnosed from the client side. Any insight into the server’s deep configuration would be greatly appreciated.