email_verified field in the id_token?

Also: if I don't see the email_verified field in tokens (like I am not for tokens from web sign ins) does that mean email_verified: true?

There is no "email_verified" field in the response as only verified email will be returned.

Thanks for the info sudhakar19. I did get a token from the iOS SDK that decoded into claims like this:

{
  "iss": "https://appleid.apple.com",
  "aud": "my aud",
  "exp": 1565810682,
  "iat": 1565810082,
  "sub": "some sub",
  "c_hash": "hash",
  "email": "emailaddress",
  "email_verified": "true",
  "auth_time": 1565810082
}

and there is an `email_verified` field in there.

Thanks for the details. We did introduce this claim in the ID token recently to communicate that this is a verified email address.

Since we will only return verified email address this value when included will always be true. We decided to include this so that applications that depend this claim to recognize a verified email can continue to do so.

@Apple Staff To Confirm Apple has introduced a bug in the form of an Improperly formatted Token.
The claim "email_verified" SHOULD be of Type BOOLEAN and NOT String as stated with the OpenID Standard. openid.net/specs/openid-connect-core-1_0.html#StandardClaims

NOTE: Currently ALL Salesforce Organization their Apple Auth Provider Setup now Fails because of this and they are asking Us Users to request Apple fix their NON-Standard Id_Token format.

Is this something that can be fixed?

@Apple Staff To Confirm Apple has introduced a bug in the form of an Improperly formatted Token. The claim "email_verified" SHOULD be of Type BOOLEAN and NOT STRING as stated with the OpenID Standard. openid.net/specs/openid-connect-core-1_0.html#StandardClaims

NOTE: Currently ALL Salesforce Organization their Apple Auth Provider Setup now Fails because of this and they are asking Us Users to request Apple fix their NON-Standard Id_Token format.

Is this something that can be fixed?