Feature: Include Resolved Domain Name in event.request Object for Auth0 Actions
Description:
I am requesting the addition of a resolved domain name in the event.request object that is passed to Auth0 Actions. Currently, only the originating IP address (event.request.ip) is available, which is useful, but including the resolved domain name for that originating IP (e.g., event.request.resolvedDomain) would significantly enhance security capabilities. This would enable more comprehensive domain-based logic within Actions, such as blocking requests from specific domains known for malicious behavior.
Use-case:
I am working on improving security measures in an application by blocking login attempts from known malicious domains or data centers. Currently, without access to the domain name, I have to rely solely on the originating IP address. However, there are thousands of CIDRs that belong to the one domain I want to block. The inclusion of the resolved domain name would allow for better protection against credential stuffing attacks, reducing the need for external API calls and streamlining the process within Auth0.
