I can see under “Configuring Custom Multifactor → Access from an Extranet” in the Auth0 docs how to check for requests from a corporate network to use in deciding whether to require MFA.
However, if different users should be checked against different networks, do you have any suggestions on how to achieve this? I presume a good solution would be to store the required network subnet in the users’ app data, so the rules can check that against the request’s IP address. I expect this would be better than trying to make a call out to another service to check the desired IP range.Does anyone have any other suggestions here?