FAQ

When a 911 call is made, we receive the location even if a person has their location services off.

No. Internet connectivity is required to track location.

Yes. The source, whether it is a text, or call can get displayed.

For certain networks, RapidSOS already maintains a few dedicated IPSec site-to-site VPNs and would be able to spin up new ones upon request as long as it's not an exotic flavor of VPN. The list of VPN hardware supported by RapidSOS can be found [here](https://aws.amazon.com/vpc/faqs/#C9). 

So far RapidSOS has always worked with statically-routed VPNs, but should be able to support BGP dynamic routing as well (as indicated in the above link). To go this route would require coordination and technical resource allocation and scheduling, and thus will not be the fastest option available to enable integration with our network.

We would note that when done with proper firewall configuration, in the context of locally-originated "outbound-only" TLS connections are not less secure for the originating network than using a site-to-site VPN.

Yes. The LEI API can provide a Z coordinate for altitude.

No. RapidSOS provides location data for mobile devices only. 

Phone numbers may work, but not additional data such as location.

Location solutions available by RapidSOS support:

• iOS 12 and above
• Android 4.0 and above

Note: Microsoft and Blackberry devices are not currently supported.

Special considerations are sometimes needed. In general, RapidSOS is committed to being as flexible as needed to accommodate the connectivity requirements of any municipal network, and already supports a variety of configurations.

RapidSOS gets 1 location payload per message for text-to-911.

RAPIDSOS updates it to blank (no data), even if it is an optional field.

RapidSOS relies on DNS for traffic over public networks as part of our high-availability and auto-scaling strategies.  Thus, when whitelisting it should be done by domain (i.e. api.rapidsos.com) - most modern firewalls support this via standard stateful inspection rules.

Below is a list of known domains that have had to be whitelisted in order for RapidSOS Portal and various integrations to work:

    *.digicert.com (See below for specifics)
    *.rapidsos.com
    *rapidsosportal.com
    *api.rapidsos.com (See below for specifics)
    *googleapis.com (See below for specifics)
    *.app.aptrinsic.com (See below for specifics)
    cdn.rapidsos.com
    cdn-prod.rapidsos.com
    google.com (optional in order to provide reverse geocoding in RapidSOS Portal)
    Cdn.ravenjs.com
    Cdn.apple-mapkit.com
    google.com/recaptcha/api.js
    Google-analytics.com
    Googletagmanager.com
    Rapidsos.zendesk.com
    Accounts.skilljar.com

RapidSOS uses Digicert as our SSL certificate provider. The digicert.com URL's listed below are Certificate Revocation domains

    crl3.digicert.com
    crl4.digicert.com
    ocsp.digicert.com

For RapidSOS API:

    api.rapidsos.com/v1/rsos/location
    api.rapidsos.com/v1/hermes/subscribe
    api.rapidsos.com/v1/events
    api.rapidsos.com/v1/spatial-layers
    api.rapidsos.com/v1/scorpius/sso/saml/training
    api.rapidsos.com/v2/emergency-data/session

For Google Maps API:

    maps.googleapis.com
    khms0.googleapis.com
    khms1.googleapis.com

For Gainsight specific:

    app.aptrinsic.com
    web-sdk.aptrinsic.com
    Esp.aptrinsic.com

For Skilljar(RapidSOS Training Portal):

    training.rapidsos.com/
    training.rapidsos.com/auth/login/
    training.rapidsos.com/theme/

Emails:

    @rapidsos.com (Company emails)
    do-not-reply@rapidsos.com (Confirmation emails/password resets)
    @rapidsos.zendesk.com (Technical Support Emails)

No. This is not available at this time. A 400 Error will likely be presented.

Geofence API gets leveraged via 911 Inform for Micro Geofences of buildings. For example, RapidSOS uses these to make sure the call is coming from within the building.

From the perspective of municipal networks, firewalls only need to support outbound HTTPS requests over TCP port 443 and allow their responses (via stateful inspection rules or otherwise). In addition, when traffic is to go over public networks, DNS resolution should be supported (we use DNS as one layer of our high-availability setup).

From the perspective of the RapidSOS clearinghouse network, we similarly limit inbound traffic from public networks to TCP port 443.

The NG911 Clearinghouse can be queried (either via the REST APIs, the NG911 interfaces, or otherwise - the rules are always the same) over public networks only when using TLS along with tightly-controlled API keys - access is rate-limited and monitored, and production access keys are granted only to authorized personnel with a documented chain of custody of production credentials. Connections should always be "inbound" to our system as standard HTTPS requests over TCP port 443. The clearinghouse will never make "outbound" connections to any municipal system except to respond to queries.

Much of the details are documented here. This developer portal is also the mechanism by which API keys are administered, as documented. Once keys are in the hands of authorized personnel, the security of those keys is their responsibility. If ever abuse is detected (large volumes of spam traffic, anomalous query activity akin to number scanning, etc), access to the APIs may be throttled or suspended to protect the integrity and security of the system, on a per-API-key basis. No unauthenticated traffic will be permitted through the production system - i.e. valid API keys must be used for all requests. By default, each API key set is rate-limited to 1000 requests per minute.

Modifications to the values of parameters are possible for custom network interconnections (e.g. for a large number of call-taker stations or PSAPs, the rate-limits can be set higher). For high-volume setups though, we recommend maintaining more than one set of API credentials per site.

Lat/Long of the incident and a point of contact are required.

The RapidSOS Developer portal provides guidance, resources, and available SDKs and API documentation to assist in implementing RapidSOS solutions into your application.

Typically, two types of groups utilize our APIs. These tend to include:

• Public Safety Integrations - Those that need to receive emergency related information (such as ECCs, PSAPs, etc.)
• Tech Partners - Those that need to send emergency related information (such as Apple, Google, etc.)

If you fit into one (or both) of these categories, you are likely eligible to register for an account. 

To use the APIs on the RapidSOS Developer Portal, you need to have a developer account and an authentication token/keys. You can register an account by emailing to: partnerenablement@rapidsos.com

After submitting, RapidSOS will send you an email with instructions to get started. 

Check the Getting Started page for further instructions and to learn how to get an authentication token.

Yes. You need to get registered. Once you are registered, RapidSOS will provide you account credentials, and applicable keys (as needed) to start using the APIs.

OAuth 2.0 is a protocol that allows a user to grant a third-party web site or application access to the user's protected resources, without necessarily revealing their long-term credentials or even their identity. ... The client uses the access token to access the protected resources hosted by the resource server.