diff --git a/pkg/identity/email/principal_test.go b/pkg/identity/email/principal_test.go
index 980ef3879..ea12b0f15 100644
--- a/pkg/identity/email/principal_test.go
+++ b/pkg/identity/email/principal_test.go
@@ -87,6 +87,33 @@ func TestPrincipalFromIDToken(t *testing.T) {
 			},
 			WantErr: false,
 		},
+		`String email verified value`: {
+			Claims: map[string]interface{}{
+				"aud": "sigstore",
+				"iss": "https://dex.other.com",
+				"sub": "doesntmatter",
+				"email": "alice@example.com",
+				"email_verified": "true",
+				"federated": map[string]string{
+					"issuer": "https://example.com",
+				},
+			},
+			Config: config.FulcioConfig{
+				OIDCIssuers: map[string]config.OIDCIssuer{
+					"https://dex.other.com": {
+						IssuerURL: "https://dex.other.com",
+						IssuerClaim: "$.federated.issuer",
+						Type: config.IssuerTypeEmail,
+						ClientID: "sigstore",
+					},
+				},
+			},
+			ExpectedPrincipal: principal{
+				issuer: "https://example.com",
+				address: "alice@example.com",
+			},
+			WantErr: false,
+		},
 		`Custom issuer claim missing`: {
 			Claims: map[string]interface{}{
 				"aud": "sigstore",
diff --git a/pkg/oauthflow/oidc.go b/pkg/oauthflow/oidc.go
index 34845ea2a..583674bc8 100644
--- a/pkg/oauthflow/oidc.go
+++ b/pkg/oauthflow/oidc.go
@@ -23,11 +23,25 @@ import (
 	"github.com/coreos/go-oidc/v3/oidc"
 )
 
+type stringAsBool bool
+
+func (sb *stringAsBool) UnmarshalJSON(b []byte) error {
+	switch string(b) {
+	case "true", `"true"`, "True", `"True"`:
+		*sb = true
+	case "false", `"false"`, "False", `"False"`:
+		*sb = false
+	default:
+		return errors.New("invalid value for boolean")
+	}
+	return nil
+}
+
 func EmailFromIDToken(token *oidc.IDToken) (string, bool, error) {
 	// Extract custom claims
 	var claims struct {
-		Email string `json:"email"`
-		Verified bool `json:"email_verified"`
+		Email string `json:"email"`
+		Verified stringAsBool `json:"email_verified"`
 	}
 	if err := token.Claims(&claims); err != nil {
 		return "", false, err
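Review bot: The new table entry pins only the string `"true"` spelling of `email_verified`; no case in this hunk exercises `"email_verified": "false"` as a string, so a regression that treated any string value as verified would still pass this table. A companion entry with `"email_verified": "false"` and the same `Config`, asserting the same outcome the table uses for an unverified address, would close that gap. Whether the rest of `TestPrincipalFromIDToken` already has a boolean-false case is outside this hunk.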
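Review bot: `UnmarshalJSON` on `stringAsBool` returns an error for the literal `null`, so a token carrying `"email_verified": null` now appears to fail in `token.Claims` where the old `bool` field was simply left false; encoding/json's convention is that an Unmarshaler treats `null` as a no-op, so add `case "null":` to the switch (falling through to `return nil`) unless rejecting such tokens is intended, in which case the commit message should say so. The bare `"True"` and `"False"` arms look unreachable, since a standard JSON decoder rejects those unquoted literals before any Unmarshaler runs, and could be dropped to keep the accepted set small. Neither the type nor the method has a doc comment; since this claim decides whether the address is trusted, record the reason for accepting a non-boolean encoding, e.g. `// stringAsBool decodes email_verified as either a JSON boolean or the string form ("true"/"false") that some identity providers emit.`. `EmailFromIDToken` continues past the end of this hunk.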
@@ -36,7 +50,7 @@ func EmailFromIDToken(token *oidc.IDToken) (string, bool, error) {
 		return "", false, errors.New("token missing email claim")
 	}
-	return claims.Email, claims.Verified, nil
+	return claims.Email, bool(claims.Verified), nil
 }
 
 func IssuerFromIDToken(token *oidc.IDToken, claimJSONPath string) (string, error) {