Our application is authenticating users using an email passwordless connection.
We have found in the Auth0 Logs that every single successful authentication attempt is mirrored by a number of failed authentication requests coming from IP addresses in unknown locations.
Is this something that may be cause by a configuration error or could this be caused by someone actively trying to get access to our application?
The attachment contains an example of a failed request. The user_agent is always “Chrome 70.0.3538 / Windows 10.0.0” on these invalid requests.