Auth0 Home Blog Docs

Userinfo "email_verified" field. String, Boolean or both?

Hi all,

In my call to the userinfo endpoint I get profile information, including a flag “email_verified” which I’m checking in my app. Docs say that “email_verified” is a boolean.

I can see that it’a a boolean when I use the username/password from a database - looking good:

    "sub": "auth0|5d2xxxxxxxxx",
    "nickname": "",
    "name": "",
    "picture": "",
    "updated_at": "2019-07-06T09:32:07.441Z",
    "email": "",
    "email_verified": true

I’ve enabled the PayPal social login. For those identities I see “email_verified” is a string, which is in conflict with the documentation.

    "sub": "paypal|HJKf4sxxxxxxxxxxxxxxxxxxxxxx",
    "nickname": "paypal",
    "name": "Foo Bar",
    "picture": "",
    "updated_at": "2019-07-06T09:35:29.839Z",
    "email": "",
    "email_verified": "true"

I’ve had to work around this in my code because my JSON parser throws a wobbly when it encounters a string in a boolean field. Is it fair to assume it’s a bug?

As per OIDC standard, it should be a boolean:

so I would say it’s a bug.