COVID‑19 Exposure Notifications API
In our continued effort to help governments and health authorities during the COVID-19 pandemic, we have authored an open source reference implementation of an Exposure Notifications server.
The server reference in this repository implements the Exposure Notifications API and provides reference code for working with Android and iOS apps that are built by public health authorities. The reference server source code is available on GitHub and can be deployed on any infrastructure or cloud provider selected by a public health authority.
Our hope is by making this privacy-preserving server implementation available to health authorities, we can enable their developers to use the open source code to get started quickly.
The Exposure Notification Server is responsible for the following functions:
-
Accepting the temporary exposure keys of affected users from mobile devices.
-
Validating the temporary exposure keys using a configurable third-party verification service.
-
Storing the temporary exposure keys in a database.
-
Periodically generating incremental files that will be downloaded by mobile devices to perform the key-matching algorithm on the mobile device.
-
Sending a public key to devices, and digitally signing the incremental files with a private key.
-
Periodically deleting old temporary exposure keys. After 14 days, or configured time period, the exposure keys can no longer be matched to a device.
You can read tutorials on deploying and using the reference Exposure Notification Server here:
- Deployment guide
- Contributor guide
- Server Functional Requirements
- Server Deployment Options
- Reference documentation
You can open a GitHub Issue. or reach out privately by emailing [email protected]. Please include as much detail as you can to help in addressing your concern.