With our previous provider, they had a policy you could turn on that would enable geofencing but exclude(allow) mobile logins. In that flow, the initial login would subject to an approval that would be sent to your email on record for the user so that the user could effectively approve that device.
Would love to see if a similar feature could be available with the business product.
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided