OPTIONAL. Subject of the token, as defined in JWT RFC7519. Usually a machine-readable identifier of the resource owner who authorized this token.