Currently we are using a Rule that checks for user_metadata to determine if MFA needs to be disabled for a specific user.
Does Auth0 support something like that based on IP allow listing. If this requires custom setup, could anyone point me in the proper direction on the proper way to accomplish this?
You should be able to achieve this via Rules as well.
To do this, you will need to create an array of IPs, e.g.:
const allowedIPs = [ 0.0.0.0, 127.0.0.1]
And then, check if the user IP context.request.ip is included or not in the array. Here’s the sample code snippet; please adjust it as per your requirement: