This article clarifies why the event.request.geoip object sometimes provides incorrect location data, such as an inaccurate city or region, even when testing from the same device. It addresses scenarios where geolocation-based functionality, such as country-based access, fails to identify the user's precise location.

• Auth0 Actions
• GeoIP
• Geolocation

Limitations in third-party Internet Protocol (IP) database providers, such as MaxMind, lead to inaccuracies in geolocation data. Database update frequencies, IP routing, and the use of Virtual Private Networks (VPNs) or anonymizers contribute to these discrepancies. Additionally, when using a reverse proxy or Content Delivery Network (CDN) like Cloudflare or Akamai between a custom domain and Auth0, the proxy IP address may reach the platform instead of the client IP address, skewing results.

To improve the accuracy of geolocation data or resolve specific location issues, perform the following steps:

1. Verify that the infrastructure, such as a reverse proxy or CDN like Akamai, forwards the correct client IP address to Auth0.
2. Update the True IP Header, such as the X-Forwarded-For header, or equivalent setting in the proxy configuration to ensure the platform uses the user's IP address rather than the proxy's IP address.
3. If specific IP ranges are consistently incorrect, submit a correction request directly to the database provider, such as MaxMind.
4. Review the Country-Based Access with Auth0 Actions article for information on recognized behaviors and known issues with the event.request.geoip object.

NOTE: Geolocation data is generally accurate at the country level, but accuracy decreases significantly at the state and city levels.

Related References

• Configure Cloudflare as Reverse Proxy
• Understanding the Cloudflare True-Client-IP Header
• MaxMind GeoIP Data Correction Request