Finding VPNs or IPs from Other Countries


This article explains to create a mechanism to generate an alert when an Auth0 Login occurs from a specific IP address that is be outside of a particular country, as well as any IP address that is a VPN or Proxy to mask their location.


This can be done with the Actions feature, expanded below:

  • Auth0 does not have a VPN detection feature. However, within Actions, the country of a user that is logging in can be detected in the “event” property. There will be a “geoip” that includes the IP and the necessary information. Refer to the Actions Triggers: post-login - Event Object.
  • Use this to know where the user is coming from and act accordingly. This is better explained in the Country-Based Access with Auth0 Actions blog that explains how to deny users by country. Here a sample action can be found that requires sending an email instead of using “api.access.deny”.
  • Sending an email from actions is also possible since these are running under Node. Depending on the email provider that is used, create an “axios” request to call their API service and send the email. In the same manner, make an API call for using a VPN detection feature.