ONE Record

ONE Record is a standardized data format where digital logistics and supply chain data can easily be exchanged in a digital ecosystem of air cargo stakeholders, communities and data platforms.

The following instructions are directed towards parties that are interested in leveraging the ONE Record data model, regardless of which point within the logistics chain you are taking part in. In order to authenticate successfully against the ONE Record API, the requesting party must possess a JWT issued by an authorized identity provider (IdP). To aquire such a valid token you can utilize Lufthansa Cargo's IdP or use your own IdP. Please refer to the sections below for further details.

Scope

Lufthansa Cargo's current implementation facilitates seamless Shipment Tracking by integrating with the ONE Record API. It involves creating and managing logistics objects for shipments and their pieces, tracking events, enabling participant subscriptions to updates, and generating notifications. Our system transforms internal data into the ONE Record format, granting access to authorized parties through ONE Record endpoints.

Utilize Lufthansa Cargo's Identity Provider

We offer our ONE Record partners to use the Lufthansa Cargo Identity Provider for ONE Record. For the registration process of a ONE Record client application in our Identity Management, we ask you to provide us the following information:

• ONE Record Organization URI: A link to the Logistics Object of Type data holder provided by your own ONE Record API

Utilize Your Own Identity Provider

It is also possible to use your own identity provider. In such a case, we will require the following information:

• ONE Record Organization URI: A link to the Logistics Object of Type data holder provided by your own ONE Record API
• Issuer URL: A link to the Identity Provider that creates and signs JWT Token.
• Public key URL (e.g. JWKS): A link to the location of used Public Keys to verify JWT Tokens issued by Identity Provider

Approval Check

After our approval check, you will receive the following information from us as a response:

• Token URL: Endpoint where your ONE Record client application can request an ID token used for ONE Record authentication.
• client_id and client_secret: Client credentials used to authenticate the client application with the authorization server.
• scope: the scope of the access request.
• JWT Issuer: Link to the identity provider that creates and signs the JWT token issued by Lufthansa Cargo Identity Provider
• Public key location: Link to the location of current used public keys to verify JWT tokens issued by Lufthansa Cargo Identity Provider.

Remaining instructions and information, such as how to obtain a JWT or make requests, are described in the full documentation which you will receive upon our approval check.

Please be aware that after your registration within the developer portal, we will manually approve your request. Your request may take up to a few days to process. We will get in touch with you via email to hand over instructions and the next steps.