Crew OAuth2 Server Overview

In order to use the FlightOps/Crew API, authorization via a specific Lufthansa Crew OAuth2 Server is necessary. There are two separate instances available for the different API environments:

Sandbox and Sandbox Mock API: OAuth2 TEST server
Production API: OAuth2 PROD server

The Lufthansa Crew OAuth2 Server supports the OAuth2 specification according to RFC6749 and provides the following endpoints:

**TEST Server**: oauth-test.lufthansa.com
Endpoint Name	URL	Remarks
Authorization Endpoint	https://oauth-test.lufthansa.com/lhcrew/oauth/authorize	- for MOCK API use scope prefix https://mock.cms.fra.dlh.de/... instead of https://cms.fra.dlh.de/... - a MOCK scope will lead to a special login page which supports login via Google Authenticator
Token Endpoint	https://oauth-test.lufthansa.com/lhcrew/oauth/token
Session Logout Endpoint	https://oauth-test.lufthansa.com/lhcrew/logout	"Browser Logout" (local session) only
Backend Logout Endpoint	https://oauth-test.lufthansa.com/lhcrew/logout_backend	"Backend logout" (Mashery token, backend sessions) only

**PROD Server**: oauth.lufthansa.com
Endpoint Name	URL	Remarks
Authorization Endpoint	https://oauth.lufthansa.com/lhcrew/oauth/authorize
Token Endpoint	https://oauth.lufthansa.com/lhcrew/oauth/token
Session Logout Endpoint	https://oauth.lufthansa.com/lhcrew/logout	"Browser Logout" (local session) only
Backend Logout Endpoint	https://oauth.lufthansa.com/lhcrew/logout_backend	"Backend logout" (Mashery token, backend sessions) only

version 11 as of 6 years ago by Alexander Fuss

Crew OAuth2 Server Overview

Docs Navigation

Contact us here for any information or if you are missing something!