diff --git a/plugin.rb b/plugin.rb index fd4e56c..df9a3d9 100644 --- a/plugin.rb +++ b/plugin.rb @@ -237,8 +237,11 @@ class ::OAuth2BasicAuthenticator < Auth::ManagedAuthenticator end def primary_email_verified?(auth) - auth['info']['email_verified'] || - SiteSetting.oauth2_email_verified + return true if SiteSetting.oauth2_email_verified + verified = auth['info']['email_verified'] + verified = true if verified == "true" + verified = false if verified == "false" + verified end def always_update_user_email? diff --git a/spec/plugin_spec.rb b/spec/plugin_spec.rb index a2501a7..999bbc0 100644 --- a/spec/plugin_spec.rb +++ b/spec/plugin_spec.rb @@ -69,6 +69,17 @@ describe OAuth2BasicAuthenticator do expect(result.email_valid).to eq(true) end + it 'handles true/false strings from identity provider' do + SiteSetting.oauth2_email_verified = false + authenticator.stubs(:fetch_user_details).returns(email: user.email, email_verified: 'true') + result = authenticator.after_authenticate(auth) + expect(result.email_valid).to eq(true) + + authenticator.stubs(:fetch_user_details).returns(email: user.email, email_verified: 'false') + result = authenticator.after_authenticate(auth) + expect(result.email_valid).to eq(false) + end + context "fetch_user_details" do before(:each) do SiteSetting.oauth2_fetch_user_details = true
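Review bot: In `primary_email_verified?`, only the exact strings `"true"` and `"false"` are normalised, so any other value the provider sends (constructed examples: `"False"`, `"0"`, `1`) is returned unchanged and is truthy in Ruby. If the caller tests the result for truthiness (the caller is not visible in this hunk), such an address would be treated as verified, and a verified email is typically what links an external login to an existing account. Failing closed avoids this: replace the four `verified` lines with `[true, "true"].include?(auth['info']['email_verified'])`. A one-line comment that some identity providers send the claim as a string rather than a boolean would also help the next reader.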
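Review bot: The new example pins only the two canonical strings, so it does not cover a provider that omits `email_verified` or sends another spelling such as `'False'`, which is where the normalisation in `primary_email_verified?` can return a truthy non-boolean. Adding a case such as `authenticator.stubs(:fetch_user_details).returns(email: user.email, email_verified: 'False')` followed by `expect(result.email_valid).to eq(false)` would document the intended fail-closed behaviour. The enclosing `describe` block starts and ends outside the hunk.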