Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.livingsecurity.com/llms.txt

Use this file to discover all available pages before exploring further.

Template variables let you personalize playbook notifications, nudges, scorecard emails, and report messages without writing separate copy for every recipient. The platform resolves each {{ token }} against directory data, the run context, and the triggering event before the message is delivered.

Syntax

All template variables use Mustache-style double braces: 
Hi {{ recipient.firstName }}, your training is due {{ training.dueDate }}.
  • Whitespace inside the braces is optional. {{recipient.firstName}}, {{ recipient.firstName }}, and {{ recipient.firstName }} all resolve identically.
  • Tokens are case-sensitive and use dot-notation for nested fields (recipient.firstName, not recipient.first_name).
  • Tokens use the canonical names below, but most accept short aliases for backward compatibility (see Aliases).
Unresolved tokens are rendered literally. If you type {{ recipient.firsName }} (typo) or reference a variable the template doesn’t support, the recipient will see the raw {{ recipient.firsName }} text in their inbox. Always preview a message before sending and validate any tokens you add.

Universal recipient variables

These tokens are available in every template (welcome emails, training notifications, nudges, scorecards, reports, and playbook-step messages).
TokenDescriptionSample value
recipient.firstNameThe recipient’s first name.Jane
recipient.fullNameThe recipient’s full display name.Jane Doe
recipient.emailThe recipient’s primary email address.jane.doe@example.com
organization.nameThe customer’s organization name.Acme Corporation
system.loginUrlThe platform sign-in URL.https://app.livingsecurity.ai
system.engageUrlThe Engage learner app URL.https://engage.livingsecurity.ai
system.engageScorecardUrlDirect link to the employee’s scorecard in the Engage app.https://engage.livingsecurity.ai/scorecard

Playbook step variables

When you author a playbook Send Nudge, Send Notification, or Webhook step, the recipient’s full directory record is available under the user namespace. These tokens work in subject lines, email bodies, Slack/Teams messages, and webhook body templates.
TokenDescriptionSample value
user.firstNameFirst name from the directory.Jane
user.lastNameLast name from the directory.Doe
user.displayNameFull display name.Jane Doe
user.emailPrimary email.jane.doe@example.com
user.departmentDepartment from the identity provider.Engineering
user.jobTitleJob title from the identity provider.Software Engineer
user.managerEmailManager’s primary email.boss@example.com
user.hrManagerEmailHR manager’s primary email.hr@example.com
user.phonePhone number from the directory.+1-555-0100
user.custom.<attribute_key>Any custom attribute defined for your org (SCIM customAttributes or local custom fields).user.custom.lms_idEMP-4821
Custom attributes are configured per organization. The key after user.custom. must exactly match the attribute key shown in Settings → People → Custom Attributes.

Risk and signal variables (playbook steps only)

If your playbook step references a risk or signal token, the platform automatically enriches the recipient’s context with their current HRI data before sending. No extra configuration required.
TokenDescriptionSample value
risk.overallScoreOverall HRI score (0–1000, higher = safer).742
risk.riskLevelDerived risk category: low, moderate, high, very_high, critical.moderate
risk.behaviorScoreBehavior component score (0–400).310
risk.threatScoreThreat component score (0–200).145
risk.identityScoreIdentity component score (0–400).287
signals.<signal_key>Count of a specific normalized signal for the recipient.signals.phishing_sim_clicked_60d2

Triggering-event variables (playbook steps only)

When a playbook is triggered by a security event (for example a phishing simulation click), the event metadata is exposed under the event namespace.
TokenDescriptionSample value
event.simulationNameName of the simulation that triggered the playbook.Q2 Credential Harvest
event.attackTypeAttack pattern of the triggering event.credential_harvest
event.clickTimestampISO-8601 timestamp when the user clicked.2026-05-12T14:32:18Z
event.subjectLineSubject line of the simulation email.Action required: password expiring
event.difficultyTierDifficulty tier of the simulation.advanced

Run context (advanced)

For webhook step body templates and branch expressions, the playbook run itself is addressable:
TokenDescription
participant.idThe current run participant ID.
participant.userIdThe participant’s user ID.
run.idThe playbook run ID.
step.idThe current step ID.
step.nameThe current step name.
input.<key>Any input parameter passed when the playbook run started.
steps.<stepId>.<key>Any output value produced by a previous step.

Per-template extras

Some platform-managed templates expose additional tokens specific to their purpose. Expand the template you’re editing to see its extra variables.
In addition to the universal recipient variables:
TokenDescriptionSample value
organization.supportEmailThe customer or partner support email address.support@acme.com
In addition to the universal recipient variables:
TokenDescriptionSample value
training.titleThe assigned training module title.Phishing Fundamentals
training.dueDateThe assignment due date.May 15, 2026
In addition to the universal recipient variables:
TokenDescriptionSample value
training.titleThe assigned training module title.Phishing Fundamentals
training.dueDateThe assignment due date.May 15, 2026
In addition to the universal recipient variables:
TokenDescriptionSample value
sender.nameDisplay name of the security team / sender for the message.Security Team
recipient.departmentThe recipient’s department.Engineering
recipient.jobTitleThe recipient’s job title.Software Engineer
risk.hriScoreThe recipient’s Human Risk Index score.256
risk.levelThe recipient’s risk level label.Somewhat Risky
risk.topFactorThe recipient’s primary HRI risk factor (behavior / threat / identity).Multiple DLP events
risk.identityScoreThe recipient’s HRI identity-pillar score (0-400).128
risk.behaviorScoreThe recipient’s HRI behavior-pillar score (0-400).150
risk.threatScoreThe recipient’s HRI threat-pillar score (0-200).92
risk.overallScoreAlias for risk.hriScore. The recipient’s overall Human Risk Index (0-1000).256
In addition to the universal recipient variables:
TokenDescriptionSample value
scorecard.scoreThe rendered scorecard score for the recipient.742
scorecard.snapshotUrlA link to view the scorecard.https://app.livingsecurity.com/scorecards/preview
Uses the universal recipient variables only, including system.engageUrl and system.engageScorecardUrl for Engage deep links.
In addition to the universal recipient variables:
TokenDescriptionSample value
report.nameThe report display name.Monthly Human Risk Report
report.summaryA short generated summary of the report contents.Your human risk score improved by 12% this month.
report.urlA link to view the report.https://app.livingsecurity.com/reports/monthly-risk

Aliases

To stay backward compatible with older content, several tokens accept short or legacy aliases. The platform automatically canonicalizes them at render time, so all variants below resolve to the same value.
Canonical tokenAccepted aliases
recipient.firstNamefirst_name, member.firstName, user.firstName
recipient.fullNamefull_name, member.fullName, user.fullName
recipient.emailmember.email, user.email
recipient.departmentdepartment, member.department, user.department
recipient.jobTitlejob_title, member.jobTitle, user.jobTitle
organization.nameorganization_name
system.loginUrlsystem.login_url
system.engageUrlsystem.engage_url
system.engageScorecardUrlsystem.engage_scorecard_url
sender.namesender_name
risk.hriScorehri_score, risk.overallScore
risk.levelrisk_level
risk.topFactortop_risk_factor
risk.identityScoreidentity_score
risk.behaviorScorebehavior_score
risk.threatScorethreat_score
report.namereport_name
report.summaryreport_summary
report.urlreport_url
Prefer the canonical dot-notation form (recipient.firstName) in new content. Aliases exist for older templates and may be retired in a future release.

Examples

Training assignment notification

Subject: New training assigned — due {{ training.dueDate }}

Hi {{ recipient.firstName }},

{{ organization.name }} has assigned you a new course: **{{ training.title }}**.
Please complete it by **{{ training.dueDate }}**.

Sign in: {{ system.loginUrl }}

Point-in-time nudge after a risky behavior

Hey {{ user.firstName }},

A quick heads-up from the {{ sender.name }}: based on your recent activity,
your HRI score is currently **{{ risk.hriScore }} ({{ risk.level }})**.
The top factor driving this is: {{ risk.topFactor }}.

Spend two minutes on a refresher: {{ system.loginUrl }}

Scorecard email to a people-manager

Subject: Your team's scorecard is ready

{{ recipient.firstName }}, your team scored **{{ scorecard.score }}** this period.

View the full breakdown: {{ scorecard.snapshotUrl }}

Webhook step body using custom attributes

{
  "userId": "{{ user.custom.lms_id }}",
  "email": "{{ user.email }}",
  "department": "{{ user.department }}",
  "assignedBy": "{{ user.managerEmail }}"
}

Where to use these

Creating Nudges

Author nudge templates in Content Studio.

Editing Playbooks

Configure notification, nudge, and webhook steps inside a playbook.

Creating Playbooks

Build a new playbook from scratch.

Glossary

Definitions for HRI, signals, cohorts, and other terms used above.