Knogin
[Developers]

DoC Config Domain

A duty of care programme covers employees traveling across 80 countries. The appropriate alert thresholds for a traveler in a stable European city are completely different from those needed for someone in an active confl

Back to All Modules
Category: Api DomainsLast Updated: Feb 5, 2026
api-domains

Overview#

A duty of care programme covers employees traveling across 80 countries. The appropriate alert thresholds for a traveler in a stable European city are completely different from those needed for someone in an active conflict zone. The DoC Config domain lets administrators define those context-specific parameters, alert thresholds, geofence boundaries, notification preferences, per organisation, with version tracking so that every configuration change is auditable.

Key Features#

  • Alert threshold configuration for duty of care monitoring.
  • Geofence boundary management and configuration.
  • Notification preference management for alerts and incidents.
  • Operational parameter configuration.
  • Organisation-scoped configuration management.
  • Configuration versioning and change tracking.
  • Default configuration templates.
  • Configuration validation and constraint enforcement.

Use Cases#

Duty of care programme managers configure alert thresholds appropriate to the risk profile of each operational region, setting more sensitive thresholds for high-risk environments without applying those parameters universally.

Security teams define geofence boundaries for duty of care monitoring zones, creating location-aware alert triggers that respond to the specific geographic boundaries relevant to their traveler population.

Operations administrators manage notification preferences for duty of care team members, ensuring that the right people receive the right alerts through their preferred channels without creating notification fatigue.

Compliance officers review configuration change history to verify that operational parameters were set appropriately during specific incident periods, with version tracking providing a clear record of what was configured and when.

Integration#

Integrates with DoC alert management, geofencing, and notification delivery for configurable duty of care operations.

Open Standards#

  • GraphQL (June 2018 specification): All configuration reads and writes are exposed as a typed GraphQL API using queries and mutations, with strongly typed input and response objects for each configuration section.
  • OAuth 2.0 / JSON Web Token (RFC 7519): Every GraphQL operation is guarded by an IsAuthenticated permission class that verifies RS256-signed JWTs issued via a JWKS endpoint, enforcing bearer-token authorisation on all configuration mutations.
  • GDPR (Regulation (EU) 2016/679): Privacy configuration includes explicit gdpr_compliant flags and configurable data-retention and anonymisation periods, allowing organisations to align duty of care data handling with EU personal-data protection obligations.
  • HIPAA (45 CFR Parts 160 and 164): A hipaa_compliant flag in the privacy configuration block allows organisations subject to US health-data regulations to record and enforce appropriate handling of traveller health information.
  • RFC 4122 UUID: All tenant identifiers and configuration record identifiers are represented as RFC 4122 version-4 UUIDs, ensuring globally unique, collision-resistant keys across multi-tenant deployments.
  • IANA Time Zone Database (IANA TZDB): The default_timezone field accepts IANA TZDB identifiers (for example Europe/Dublin), ensuring unambiguous, locale-independent time zone representation for alert scheduling and quiet-hours logic.
  • ISO 8601: Configuration record timestamps (created_at, updated_at) are stored and returned as ISO 8601 date-time strings, providing an unambiguous, portable format for audit and version-tracking purposes.

Last Reviewed: 2026-02-05 Last Updated: 2026-04-14

Ready to Build?

Get started with our APIs or contact our integration team for support.