I’m using ASP.NET Identity to implement authentication and authorization in my web API app. I’m a bit confused with the good old Roles vs Claims question, and I have not yet found a clear answer.