Hi Les,
I've followed the same process and some of my users have received the email in their SPAM folder. So, my suggestion is to send a "newsletter" informing the users about the validation process and to check their spam folder just in case.
Anyway, As said in other entry of this threat it would be great if there was a chance to avoid this mail to the users that had been using the old OAuth module in previous Moodle versions. I assume it's not easy to fix from a tech point of view, bur from a user point of view it doesn't make any sense they've been login for years with their google account in the platform and now the have to validate it again.
Best regards,
Alejandro