The following identity-related claims are defined for kya and kya-pay tokens.

Claim	Description
`hid`	A map of human identity claims (individual or organization).
`apd`	OPTIONAL - Agent Platform identity claims.
`aid`	Agent identity claims.
`scope`	OPTIONAL - String with space-separated scope values.

Human Identity (`hid`) Sub-Claims

The Human Identity (hid) claim contains sub-claims identifying the human principal (individual or organization) as follows.

Claim	Description
`email`	Email address associated with the human individual or organization.
`birthdate`	OPTIONAL - Birthdate of the human principal if they are an individual.
`given_name`	OPTIONAL - Given name(s) or first name(s) of the human principal if they are an individual.
`middle_name`	OPTIONAL - Middle name(s) of the human principal if they are an individual.
`family_name`	OPTIONAL - Surname(s) or last name(s) of the human principal if they are an individual.
`phone_number`	OPTIONAL - Phone number associated with the human individual or organization.
`organization_name`	OPTIONAL - Name of the organization.
`verifier`	OPTIONAL - URL of the Identity Verifier.
`verified`	OPTIONAL - Boolean Verification status; `true` if verified, otherwise `false`.
`verification_id`	OPTIONAL - Verification identifier for the verification performed, such as a GUID.

Additional sub-claims MAY be defined and used. The recipient MUST ignore any unrecognized sub-claims.

Agent Platform Identity (`apd`) Sub-Claims

The Agent Platform (apd) claim is optional. If present, it contains the following sub-claims.

Claim	Description
`id`	Agent Platform identifier.
`name`	OPTIONAL - Agent Platform name.
`email`	OPTIONAL - Email associated with agent platform. Included if the agent platform Representative has done KYA.
`phone_number`	OPTIONAL - Phone number associated with agent platform.
`organization_name`	OPTIONAL - Legal name associated with agent platform.
`verifier`	OPTIONAL - URL of the Identity Verifier.
`verified`	OPTIONAL - Boolean Verification status; `true` if verified, otherwise `false`.
`verification_id`	OPTIONAL - Verification identifier for the verification performed, such as a GUID.

Additional sub-claims MAY be defined and used. The recipient MUST ignore any unrecognized sub-claims.

The Agent Identity (aid) claim describes the specific agent responsible for the request.

Claim	Description
`name`	Agent name. The name should reflect the business purpose of the agent.
`creation_ip`	The public IP address of the system / agent that requested the token. Its value is a string containing the public IPv4 or IPv6 address from where the token request originated. It MUST be captured directly from the token request.
`source_ips`	OPTIONAL - Valid public IP address, or range of public IP addresses, from where the system / agent's requests to merchants / services will originate. Array of comma-separated IPv4 addresses or ranges, IPv6 addresses or ranges, or domain names resolvable to an IP address via DNS. IPv4 and IPv6 addresses can be a single IPv4 or IPv6 address or a range of IPv4 or IPv6 addresses in CIDR notation or start-and-end IP pairs.

Additional sub-claims MAY be defined and used. The recipient MUST ignore any unrecognized sub-claims.