Bug: Trust Token Endpoint IP Header Not working

Hi guys,

So I am having a few issues while trying to use the “Trust Token Endpoint IP Header” option.
So I have a trusted server that is doing the login on behalf of the customer.
However I am having issues because Auth0 is blocking my backend server due to suspicious activity (when users fail login).

So what I did:

  • I enabled “Trust Token Endpoint IP Header” on my Auth0 client app (it is using a Database connection is case this influences anything)
  • I added the following value on my .Net call (new ResourceOwnerTokenRequest … ForwardedForIp = client ipAddress)
  • by looking at the request being sent through fiddler I can see the “auth0-forwarded-for” header value being added correctly
  • However I still see on the logs my server IP Address (instead of the client one)
  • I haven’t tried blocking the server again but I imagine if the logs still show the server IP Address it looks like that client ip address being forwarded is not being used

Can someone give me some pointers?


Nuno Ramos