2FA based on Security Zone

Just wondering if anyone has implemented 2FA that is or isn’t required based on a security zone (IP in this case).

My use case is that we want operators to not have to do 2FA when logging into a perspective application on the actual computer running Ignition, however, require 2FA in all other instances.

Thanks in advance.