Can location be received if location services are disabled on the device?
When a 911 call is made, we receive the location even if a person has their location services off.
Can locations be tracked without internet connectivity?
No. Internet connectivity is required to track location.
Can the source of an incident be a text or call?
Yes. The source, whether it is a text, or call can get displayed.
Can VPNs be used?
For certain networks, RapidSOS already maintains a few dedicated IPSec site-to-site VPNs and would be able to spin up new ones upon request as long as it's not an exotic flavor of VPN. The list of VPN hardware supported by RapidSOS can be found [here](https://aws.amazon.com/vpc/faqs/#C9).
So far RapidSOS has always worked with statically-routed VPNs, but should be able to support BGP dynamic routing as well (as indicated in the above link). To go this route would require coordination and technical resource allocation and scheduling, and thus will not be the fastest option available to enable integration with our network.
We would note that when done with proper firewall configuration, in the context of locally-originated "outbound-only" TLS connections are not less secure for the originating network than using a site-to-site VPN.
Do any RapidSOS APIs provide a Z coordinate for altitude?
Yes. The LEI API can provide a Z coordinate for altitude.
Does RapidSOS provide location data for landlines?
No. RapidSOS provides location data for mobile devices only.
Does the emergency call feature work outside of the US?
Phone numbers may work, but not additional data such as location.
Does the RapidSOS location solution work on older devices?
Location solutions available by RapidSOS support:
- iOS 12 and above
- Android 4.0 and above
Note: Microsoft and Blackberry devices are not currently supported.
How can official municipal networks access the data interfaces on the RapidSOS Emergency Response Data Platform?
Special considerations are sometimes needed. In general, RapidSOS is committed to being as flexible as needed to accommodate the connectivity requirements of any municipal network, and already supports a variety of configurations.
How many payload locations are provided for text-to-911?
RapidSOS gets 1 location payload per message for text-to-911.
If a payload is sent, then another is sent without data from the original upload, what happens?
RAPIDSOS updates it to blank (no data), even if it is an optional field.
Is DNS whitelisting an available capability, or is IP only available?
RapidSOS relies on DNS for traffic over public networks as part of our high-availability and auto-scaling strategies. Thus, when whitelisting it should be done by domain (i.e. api.rapidsos.com) - most modern firewalls support this via standard stateful inspection rules.
Below is a list of known domains that have had to be whitelisted in order for RapidSOS Portal and various integrations to work:
*.digicert.com (See below for specifics)
*.rapidsos.com
*rapidsosportal.com
*api.rapidsos.com (See below for specifics)
*googleapis.com (See below for specifics)
*.app.aptrinsic.com (See below for specifics)
cdn.rapidsos.com
cdn-prod.rapidsos.com
google.com (optional in order to provide reverse geocoding in RapidSOS Portal)
Cdn.ravenjs.com
Cdn.apple-mapkit.com
google.com/recaptcha/api.js
Google-analytics.com
Googletagmanager.com
Rapidsos.zendesk.com
Accounts.skilljar.com
RapidSOS uses Digicert as our SSL certificate provider. The digicert.com URL's listed below are Certificate Revocation domains
crl3.digicert.com
crl4.digicert.com
ocsp.digicert.com
For RapidSOS API:
api.rapidsos.com/v1/rsos/location
api.rapidsos.com/v1/hermes/subscribe
api.rapidsos.com/v1/events
api.rapidsos.com/v1/spatial-layers
api.rapidsos.com/v1/scorpius/sso/saml/training
api.rapidsos.com/v2/emergency-data/session
For Google Maps API:
maps.googleapis.com
khms0.googleapis.com
khms1.googleapis.com
For Gainsight specific:
app.aptrinsic.com
web-sdk.aptrinsic.com
Esp.aptrinsic.com
For Skilljar(RapidSOS Training Portal):
training.rapidsos.com/
training.rapidsos.com/auth/login/
training.rapidsos.com/theme/
Emails:
@rapidsos.com (Company emails)
do-not-reply@rapidsos.com (Confirmation emails/password resets)
@rapidsos.zendesk.com (Technical Support Emails)
Is there a RapidSOS API that will tell us if a GPS coordinate falls inside/outside the geofence of the current API keys?
No. This is not available at this time. A 400 Error will likely be presented.
What are some ways the Geofence API is used?
Geofence API gets leveraged via 911 Inform for Micro Geofences of buildings. For example, RapidSOS uses these to make sure the call is coming from within the building.
What are the firewall rules?
From the perspective of municipal networks, firewalls only need to support outbound HTTPS requests over TCP port 443 and allow their responses (via stateful inspection rules or otherwise). In addition, when traffic is to go over public networks, DNS resolution should be supported (we use DNS as one layer of our high-availability setup).
From the perspective of the RapidSOS clearinghouse network, we similarly limit inbound traffic from public networks to TCP port 443.
What connectivity policy is in place?
The NG911 Clearinghouse can be queried (either via the REST APIs, the NG911 interfaces, or otherwise - the rules are always the same) over public networks only when using TLS along with tightly-controlled API keys - access is rate-limited and monitored, and production access keys are granted only to authorized personnel with a documented chain of custody of production credentials. Connections should always be "inbound" to our system as standard HTTPS requests over TCP port 443. The clearinghouse will never make "outbound" connections to any municipal system except to respond to queries.
Much of the details are documented here. This developer portal is also the mechanism by which API keys are administered, as documented. Once keys are in the hands of authorized personnel, the security of those keys is their responsibility. If ever abuse is detected (large volumes of spam traffic, anomalous query activity akin to number scanning, etc), access to the APIs may be throttled or suspended to protect the integrity and security of the system, on a per-API-key basis. No unauthenticated traffic will be permitted through the production system - i.e. valid API keys must be used for all requests. By default, each API key set is rate-limited to 1000 requests per minute.
Modifications to the values of parameters are possible for custom network interconnections (e.g. for a large number of call-taker stations or PSAPs, the rate-limits can be set higher). For high-volume setups though, we recommend maintaining more than one set of API credentials per site.
What is required to have location data?
Lat/Long of the incident and a point of contact are required.
What is the RapidSOS Developer Portal?
The RapidSOS Developer portal provides guidance, resources, and available SDKs and API documentation to assist in implementing RapidSOS solutions into your application.
Who can use the APIs on the RapidSOS Developer Portal?
Typically, two types of groups utilize our APIs. These tend to include:
- Public Safety Integrations - Those that need to receive emergency related information (such as ECCs, PSAPs, etc.)
- Tech Partners - Those that need to send emergency related information (such as Apple, Google, etc.)
If you fit into one (or both) of these categories, you are likely eligible to register for an account.
What do I need to get started?
To use the APIs on the RapidSOS Developer Portal, you need to have a developer account and an authentication token/keys. You can register an account by emailing to: partnerenablement@rapidsos.com
After submitting, RapidSOS will send you an email with instructions to get started.
Check the Getting Started page for further instructions and to learn how to get an authentication token.
Do I need to register to use RapidSOS APIs?
Yes. You need to get registered. Once you are registered, RapidSOS will provide you account credentials, and applicable keys (as needed) to start using the APIs.
What is OAuth 2.0?
OAuth 2.0 is a protocol that allows a user to grant a third-party web site or application access to the user's protected resources, without necessarily revealing their long-term credentials or even their identity. ... The client uses the access token to access the protected resources hosted by the resource server.