The specification has several mechanisms to enable such provisioning e.g. the set of OAuth 2 scopes
can be extended. The best way to distribute information about the service provided is to take the IMS
produced OneRoster OpenAPI files and to amend these to reflect the actual service being supplied. IMS
has created best practices on how to create and make available localised OneRoster OpenAPI files.