Problem statement
The Guardian application is showing a different location and is missing browser user agent data when looking at the Authentication Request information. For example, the location displayed is San Jose, United States, and the request was made for a device in Europe.
Cause
The MFA prompts may be getting triggered using the Auth0 MFA API from a backend (which for example, could be on AWS servers) and has no user-agent as a result it’s not showing the browser type and shows AWS servers location as in San Jose which could be the backend servers location.
Solution
One workaround from backend would be to set the user-agent by sending it’s value in headers along with MFA challenge request to [https://{auth0_domain}/mfa/challenge ] from the backend and that will show the browser version in Guardian app for the MFA prompted user. There currently is no way to do that same for the IP address.