...

Certain claims can be limited by size in the access token, to avoid HTTP header oversize in some situations. Each claim type can be limited by setting the size limit in kb KB setting in the claim configuration user interface. Any value above 0 will limit the size.

If the size is reached on a claim type, the claim type claim_type_limit_reached is automatically added to the token. The claim contains a string or list of claim types that reached the limit. The claim type is still added but only filled with elements up to the limitation. It’s advised to load the data over the user info endpoint in this case. This behavior can help mitigate edge case, such as a user with several hundreds of delegations and an infrastructure that limits the HTTP header to 4 KB.

Identity Token

Whenever an application requires any information about the user that was authenticated, it should use the OpenID Connect Protocol to get an ID token. This ID token contains the requested information about a user such as the first or last name.

...