Auth0 Home Blog Docs

Make JWT token valid only for the IP that was used to generate it



Hey everyone,

I’m trying to make it so that any JWT is only valid for the IP address that generated it.

Is there a rule I can create or a way to get the IP included in the JWT?
I want to avoid having to write server-side code that queries the Management API or that keeps track of the sessions.