Un/Trusted machines and MFA

I’m just starting with Keycloak and one of the features that I’m hoping to configure in my app is the trusted device. The goal is to request OTP/MFA with the user is using a new machine.
My app is a react app and I’m using keycloak-js so my Login page is the keycloak one.
I know that I can create a new authentication flow using OTP but I’m not seeing how to make keycloak recognize the machine. I read in other posts about to use user-agent header, but I don’t know to configure it or if it is something that I have to add in my app.