Virtual Organisation Orthogonal Technology (VOOT) standard extends SCIM to exchange information about groups and its members in federated environment. Old version 1.0, which is currently used in some products (Perun, OpenConext, Grouper, COmanage), is not compatible with the new one. Version 1.08 defines a protocol for read-only access to information about users’ group membership within an organisation or aggregated across organisations and their role in these groups. VOOT 1.0 provides REST API, which supports 2 calls: retrieve a list of groups the user is member of and retrieve the list of people that are members of a group the user is also member of. Only JSON data format is supported.
Current version 2.0 defines a protocol and a data model. Protocol provides information about groups and roles. All requests towards VOOT provider have to be authenticated with an OAuth2.0 Bearer Token. Information about authorization can be found here https://tools.ietf.org/html/rfc6750. Protocol can work very well also with OpenID Connect. Data model extends SCIM model with membership object and group types object, so it has four entities: user, membership, group and group type. Group type can be chosen according to the situation, there is no detailed specification in core itself about group types, so it is up to communities to standardize it. Thanks to these 2 additional entities, comparing to SCIM, it is possible to build more flexible environment using VOOT 2.0 data model. For example, when user wants to belong to one group and have 2 different roles in this group, it is possible now with the membership entity, which is a big advantage.