I have tried auth0-forwarded-for with invalid credentials. as you said it blocked the user with proper message. But when I try to sign in a different user with same auth0-forwarded-for IP, still it’s allowing the user to login. then it’s still blocking user based not IP based I guess, at least for the wrong credentials.
and may only surface in tenant logs for events is that means I can’t see those IP’s ??