![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(32, 86%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJH%3C/text%3E%3C/svg%3E)
Microsoft Security | Microsoft Entra | Microsoft Entra ID
A cloud-based identity and access management service for securing user authentication and resource access
Hello @John Hirst , in order to include user information in a custom email you can query the directory using MS Graph List riskDetections operation. You will get useful information such as the user id (userId), displayName (userDisplayName) and upn (userDisplayName), which may match his email. You can use the user Id to get more information (Eg. mail, phone, etc) about a user using the MS Graph Get a user operation. Keep in mind delta queries are not yet supported for the List riskDetections operation so you may want to store the latest risk detection timestamp (activityDateTime) in order to use it as a filter for your next query.
Let us know if this answer was helpful to you or if you need additional assistance. If it was helpful, please remember to accept it so that others in the community with similar questions can more easily find a solution.