Add DigitalData.Auth.Claims project and EnvelopeClaimNames

Added a new .NET project `DigitalData.Auth.Claims` targeting `net8.0`
with metadata for NuGet packaging. The project is configured to
not generate a NuGet package on build.

Introduced the `EnvelopeClaimNames` static class to define strongly-typed
constants for custom JWT claim names specific to envelope receiver tokens.
These include `EnvelopeId`, `EnvelopeUuid`, `ReceiverId`, and
`ReceiverSignature`. Added XML documentation for all constants.

DigitalData.Auth.Claims/DigitalData.Auth.Claims.csproj

@@ -0,0 +1,29 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+  <PropertyGroup>
+    <TargetFramework>net8.0</TargetFramework>
+    <ImplicitUsings>enable</ImplicitUsings>
+    <Nullable>enable</Nullable>
+
+    <!-- NuGet package metadata -->
+    <PackageId>DigitalData.Auth.Claims</PackageId>
+    <Authors>Digital Data GmbH</Authors>
+    <Company>Digital Data GmbH</Company>
+    <Product>DigitalData.Auth.Claims</Product>
+    <Description>
+      Provides strongly-typed JWT claim name constants for the DigitalData.Auth ecosystem.
+      Includes domain-specific claim definitions (e.g. envelope and receiver claims)
+      to be shared across API, client, and consumer projects.
+    </Description>
+    <Copyright>Copyright 2026 Digital Data GmbH</Copyright>
+    <RepositoryUrl>https://git.dd/AppStd/DigitalData.Auth</RepositoryUrl>
+    <PackageTags>digital data auth claims jwt constants</PackageTags>
+    <PackageRequireLicenseAcceptance>false</PackageRequireLicenseAcceptance>
+    <Version>1.0.0</Version>
+    <AssemblyVersion>1.0.0</AssemblyVersion>
+    <FileVersion>1.0.0</FileVersion>
+    <GeneratePackageOnBuild>false</GeneratePackageOnBuild>
+  </PropertyGroup>
+
+</Project>
+

DigitalData.Auth.Claims/EnvelopeClaimNames.cs

@@ -0,0 +1,34 @@
+namespace DigitalData.Auth.Claims
+{
+    /// <summary>
+    /// Defines the custom JWT claim names used for envelope receiver tokens.
+    /// These claims are domain-specific and have no equivalent in <see cref="Microsoft.IdentityModel.JsonWebTokens.JwtRegisteredClaimNames"/>.
+    /// </summary>
+    public static class EnvelopeClaimNames
+    {
+        /// <summary>
+        /// The database primary key of the envelope.
+        /// Claim name: <c>envelope_id</c>
+        /// </summary>
+        public const string EnvelopeId = "envelope_id";
+
+        /// <summary>
+        /// The unique identifier (UUID) of the envelope.
+        /// Claim name: <c>envelope_uuid</c>
+        /// </summary>
+        public const string EnvelopeUuid = "envelope_uuid";
+
+        /// <summary>
+        /// The database primary key of the envelope receiver.
+        /// Claim name: <c>receiver_id</c>
+        /// </summary>
+        public const string ReceiverId = "receiver_id";
+
+        /// <summary>
+        /// The cryptographic signature of the envelope receiver.
+        /// Together with <see cref="EnvelopeUuid"/>, it forms the unique envelope key via <c>ToEnvelopeKey()</c>.
+        /// Claim name: <c>receiver_sig</c>
+        /// </summary>
+        public const string ReceiverSignature = "receiver_sig";
+    }
+}