Knogin
[Developers]

DoC Provider Domain

A duty of care programme relies on a network of contracted response providers: security firms, medical assistance providers, and local fixers across different regions. When an incident occurs in a specific city, the prog

Back to All Modules
Category: Api DomainsLast Updated: Feb 5, 2026
api-domains

Overview#

A duty of care programme relies on a network of contracted response providers: security firms, medical assistance providers, and local fixers across different regions. When an incident occurs in a specific city, the programme needs to quickly identify which providers operate there, what capabilities they have available, and whether their service level commitments are being met. The DoC Provider domain manages that provider network, registration, capability tracking, dispatch routing, and performance monitoring, as an operational resource.

Key Features#

  • Provider registration and onboarding workflows.
  • Provider capability management and service declarations.
  • Dispatch routing based on provider capabilities and availability.
  • Provider performance tracking and quality metrics.
  • Organisation-scoped provider management.
  • Provider status and availability monitoring.
  • Service level agreement tracking.
  • Provider audit trail for all operational actions.

Use Cases#

Duty of care programme managers register and onboard response providers with structured capability declarations, ensuring that dispatch routing can match incident requirements to the right provider automatically.

Incident coordinators receive dispatch recommendations for specific incidents based on the location, nature, and requirements of each case, with the system matching provider capabilities to incident needs rather than relying on coordinator memory.

Contract management teams track provider performance metrics and response quality against contracted service levels, using objective data to inform contract renewal decisions and service improvement discussions.

Operations supervisors monitor provider availability in real time, maintaining visibility of which contracted resources are currently engaged and which are available for new incident assignments.

Integration#

Integrates with DoC incident management, traveler management, and dispatch workflows for provider-based duty of care operations.

Open Standards#

  • GraphQL (June 2018 specification): All provider registry queries, nearest-provider lookups, dispatch mutations, and performance statistics are exposed through a typed GraphQL API.
  • OGC WGS 84 / EPSG:4326: Provider locations are stored as geodetic coordinates using the WGS 84 reference system, and all spatial proximity searches use geodetic distance calculations.
  • AES-256-GCM (NIST SP 800-38D): Contact PII (phone number and email address) is encrypted at rest using AES-256-GCM with per-row additional authenticated data, ensuring that a data breach yields only ciphertext.
  • HMAC-SHA-256: Blind indexes over encrypted email fields are computed as HMAC-SHA-256 digests, enabling deterministic equality lookups without decryption.
  • JSON Web Token / RFC 7519: Every REST and GraphQL endpoint enforces authentication by verifying RS256-signed JWTs issued by the platform identity service via a JWKS endpoint.
  • RFC 4122 UUID: All entity identifiers, including providers, tenants, incidents, and dispatching users, are version 4 UUIDs, ensuring globally unique and collision-resistant references.
  • ISO 8601: All timestamps returned by the API are serialised in ISO 8601 format using UTC-aware representations.

Last Reviewed: 2026-02-05 Last Updated: 2026-04-14

Ready to Build?

Get started with our APIs or contact our integration team for support.