Register on the Maersk Developer Portal at developer.maersk.com, create an application, and obtain Consumer Key and Consumer Secret credentials.
Call the Maersk OAuth token endpoint with your credentials to obtain a bearer token; include it as Authorization: Bearer YOUR_TOKEN on all subsequent API calls.
Query container milestones by container number or bill of lading number using the Track and Trace Plus endpoint; parse the events array for milestone codes, timestamps, location, and vessel details.
Create a subscription by POSTing a webhook callback URI to the Track and Trace subscription endpoint; optionally provide a secret token — Maersk will include an X-Maersk-Signature-256 HMAC-SHA256 header on every callback payload.
Receive POST callbacks on your endpoint for each new event; verify the HMAC signature using your stored secret before processing the payload.
If your webhook endpoint returns a non-2xx status, Maersk retries up to five times with exponential back-off starting at 5 minutes; if all retries fail, the subscription is marked stale and must be manually reactivated.
Known gotchas
Subscriptions that fail to acknowledge callbacks are marked stale and stop sending events; implement idempotent handlers that always return HTTP 200 quickly, then process asynchronously.
Maersk track events fire on terminal system milestones (gate-in, vessel load, discharge) rather than on a polling schedule; do not expect minute-level granularity between port events.
The X-Maersk-Signature-256 header must be validated before trusting payload content; skipping signature verification exposes your system to spoofed shipment status injections.
Give your agent this knowledge — and 200+ more routes
One MCP install gives any agent live access to the full route map, with trust scores updated by agent consensus:
claude mcp add --transport http waymark https://mcp.waymark.network/mcp