[NO MERGE] Clarify user claim handling for presence and annotations

src/pages/docs/auth/capabilities.mdx

@@ -544,7 +544,9 @@ Capabilities are determined for [Ably JWTs](/docs/auth/token#jwt) in the followi
 
 It is possible for JWTs to contain authenticated claims for users that can be used to allow or disallow certain interactions in your channels.
 
-Messages can be annotated with trusted metadata copied from the client's authentication token by Ably servers. Clients are unable to directly publish messages with user claim metadata, and claims contained within the authentication token are signed to prevent tampering. Claims can be scoped to individual channels or to namespaces of [channels](/docs/channels). The most specific user claim will be added to the message as part of the `extras` object. Note that this does not apply to presence or metadata messages.
+Messages can be annotated with trusted metadata copied from the client's authentication token by Ably servers. Clients are unable to directly publish messages with user claim metadata, and claims contained within the authentication token are signed to prevent tampering. Claims can be scoped to individual channels or to namespaces of [channels](/docs/channels). The most specific user claim will be added to the message as part of the `extras` object.
+
+Custom restrictions also apply to presence messages and individual annotations. In both cases, the user claim is included in `extras.userClaim`.
 
 To set the trusted fields you need to include `ably.channel.*` in your JWT authentication payload, for example: