UPDATE:
For the PROG flow, in order to log the call to https://{yourDomain}/oauth/token with the end-user IP address instead of the server IP address (from which the request is sent), the recommendation is to add to this request an additional header: 'auth0-forwarded-for': req.ip // End user ip and to make relevant adjustments in the Auth0 dashboard described in this faq or this article.
Hope this helps and any feedback would be appreciated.