Multifactor: Per-user configuration of 'trusted' source IPs not to use MFA

I can see under “Configuring Custom Multifactor -> Access from an Extranet” in the Auth0 docs how to check for requests from a corporate network to use in deciding whether to require MFA.

However, if different users should be checked against different networks, do you have any suggestions on how to achieve this? I presume a good solution would be to store the required network subnet in the users’ app data, so the rules can check that against the request’s IP address. I expect this would be better than trying to make a call out to another service to check the desired IP range.Does anyone have any other suggestions here?

Hey there!

Sorry for such delay in response! We’re doing our best in providing the best developer support experience out there, but sometimes the number of incoming questions is just too big for our bandwidth. Sorry for such inconvenience!

Do you still require further assistance from us?