Knogin
[Developers]

Region

A multi-national organisation operating across North America, Europe, and Asia Pacific needs to ensure that data collected in each region stays within that region's legal boundaries. Before assigning a data residency pol

Back to All Modules
Category: Api DomainsLast Updated: Feb 5, 2026
api-domainscompliancegeospatial

Overview#

A multi-national organisation operating across North America, Europe, and Asia Pacific needs to ensure that data collected in each region stays within that region's legal boundaries. Before assigning a data residency policy or scoping an administrator's access, the platform needs to know which named region that data or user belongs to. The Region domain provides that foundation: a simple, authoritative catalogue of geographic regions that other domains reference for data partitioning, compliance mapping, and access scoping.

Key Features#

  • Region creation with name and description
  • Region retrieval by ID and listing of all regions
  • Support for standard geographic divisions (North America, Europe, Asia Pacific, etc.)
  • Data residency alignment for region-specific storage requirements
  • Compliance mapping to regional regulations
  • Regional access control scoping for administrators and auditors

Use Cases#

Geographic region management is relevant wherever organisations face multi-jurisdictional data law, cross-border operations, or devolved administration. Common industries include enterprise technology, government, and financial services.

  • Defining geographic divisions for multi-region organisational structures
  • Aligning data storage with regional compliance and residency requirements
  • Scoping administrative access and audit capabilities by region
  • Referencing regions from other entities for geographic classification

Integration#

The Region domain connects with multi-tenancy, geographic data services, and organisational structure management.

Open Standards#

  • GraphQL (June 2018 Specification): the entire Region API surface, queries for retrieval and mutations for creation, is defined and served as a GraphQL schema, enabling typed, introspectable access by any compliant client.
  • RFC 7519 (JSON Web Token) and RFC 7517 (JSON Web Key Set): every request to the Region API is authenticated by verifying an RS256-signed JWT against a JWKS endpoint, ensuring that only authorised principals can read or write region records.
  • OAuth 2.0 (RFC 6749): region API access follows the OAuth 2.0 bearer token pattern; the IsAuthenticated permission guard rejects any request that does not carry a valid access token issued by the platform's authorisation server.
  • RFC 4122 (UUID): all region records are identified by version-4 universally unique identifiers, guaranteeing collision-free primary keys across distributed tenants without centralised sequence allocation.
  • GDPR (Regulation (EU) 2016/679): the domain's explicit purpose is to anchor data residency policies and compliance mapping; each region record acts as the authoritative scope for storing personal data within the jurisdictional boundary required by the Regulation.
  • RFC 8259 (JSON): all API payloads, GraphQL request bodies and responses, are serialised as JSON, aligning with the standard interchange format used throughout the platform.
  • ISO 3166 (Codes for the Representation of Names of Countries and their Subdivisions): downstream domains that reference Region records (such as consular services, supply chain, and classification labels) use ISO 3166-1 alpha-3 country codes to identify the nation-states within a given geographic region, making the Region catalogue the natural anchor for ISO 3166-scoped data.

Last Reviewed: 2026-02-05 Last Updated: 2026-04-14

Ready to Build?

Get started with our APIs or contact our integration team for support.