The authenticator app can ask for location directly via gps, but if your company doesn’t enforce that requirement, you can deny the app that permission.
However if your org is using Azure AD or ADFS, your location will instead be inferred based on public IP and then challenged against conditional access policies.
Outside of those two scenarios, you’re probably good.
This is really cool, I wish I’d heard of this when I was younger! Are you at all concerned your workplace could find out via the IPs you’re using for VPN? Or perhaps just remotely checking the GPS coordinates on your work laptop?
I can think of an easy way to get around the first one, but haven’t come up with anything for GPS tracking. Curious if someone has a trick.
That’s really the thrust of it. It is actually quite trivial for a company to figure out if they care, and overwhelmingly the ones who do care, really only care if they wanted to fire you anyway.