I added some test cases for MDCA and AAD and found issues if a user was not found by the API.
For example a user who never had a risk level gets returned as a 404 error by the AAD Identity protection API
MDCA API had a similar problem as well as an issue if there was no enriched user id (like in a on prem user where we only have the SID/guid/samaccountname and the base module can't enrich it because it's not synced)
MDCA also had an issue in the sum of the threat score as some of the users scores were 'None' so I replaced all None with 0
I added some test cases for MDCA and AAD and found issues if a user was not found by the API.