Bug in user profiles connected via “Sign in with Apple”

sbers · October 5, 2021, 6:05pm

This is just a copy and paste of Bug in user profiles connected via "Sign in with Apple" because it was claimed it would be fixed shortly over a year ago and closed, but I am still having this issue.

When using Sign in with Apple, the user profile value for the field “email_verified” is set as string “true” instead of just true.

Some encoders (like in GoLang) do have problems in unmarshalling fields that are of type boolean if the field is returned as string.

Wrong:

"email_verified":"true"

Right

"email_verified":true

We don’t have this problem with other social providers or regular email password authentication, which makes it more difficult as the encoder in Go can be configured to accept strings for booleans or booleans, but not both.

hsinghc · September 25, 2022, 8:27pm

Highlighting this! It is still an issue. The ID token generated with Apple sign-in seems to have “email_verified” in string format.

hsinghc · September 25, 2022, 8:59pm

I resolved it with a custom auth0 action in the login flow. Code below. This seemed to be an issue only on auth0 android SDK (I was using flutter) with apple login. Makes sense that auth0 is not solving this, too low numbers

exports.onExecutePostLogin = async (event, api) => {
  if (event.user.email_verified) {
    api.idToken.setCustomClaim("email_verified", true);
  }
  if (event.user.email_verified === false) {
    api.idToken.setCustomClaim("email_verified", false);
  }
};

sam_w · February 28, 2023, 3:13pm

This is not only an issue with the Android SDK, i’ve got the same issue using the SPA SDK with Apple social login.
Seems like it’s been an issue for years but still no fix for it.