Microsoft Entra user access brief
Read-only access review brief for one Microsoft Entra user. It reads the user profile, direct memberships, directory audit activity, and sign-in activity through recued-core.microsoft-entra, then asks the AI summarizer for access posture, risky signals, and next steps. It never disables users, changes memberships, resets passwords, mutates MFA, changes roles, or calls arbitrary Graph APIs.
How it works
Inspect the data fetches, transforms, gates, and output this recipe runs.
Process (19 steps)
user_id
trim
Trim whitespace from setting user id
sign_in_filter
template
Generate text from a template
audit_filter
template
Generate text from a template
user
?
memberships_raw
?
audits_raw
?
sign_ins_raw
?
memberships
default
Apply default
audits
default
Apply default
sign_ins
default
Apply default
membership_count
count
Count items in memberships
audit_count
count
Count items in audits
sign_in_count
count
Count items in sign ins
summarize
?
membership_rows
slice
Take a subset of
sign_in_rows
slice
Take a subset of
membership_table
to_table
Format results as a data table
sign_in_table
to_table
Format results as a data table
card
to_summary
Format results as a summary card
Settings
Configurable at install. Defaults shown — change them anytime in Recued.
focus
setting
=
Summarize this Microsoft Entra user's account-enabled state, profile context, direct memberships, recent directory audit events, recent sign-in activity, access-risk signals, and concrete next steps. Do not invent facts outside the Microsoft Graph data.
user id
setting
=
microsoft
setting
=
row limit
setting
=
20
max length
setting
=
900
Trust & control
What installing this recipe would let it do. Recued grants these permissions at install — review them there before approving.