A statement in an AccessToken that asserts information about the subject which the Authorization Service knows to be true.

Note 1 to entry: Claims can include username, email, and Roles granted to the subject.