- Get Started with Attack Surface Insights
- Configure Attack Surface Insights
- Search for Entities in Attack Surface Insights
- View Entities in Attack Surface Insights
- Manage Entities in Attack Surface Insights
- Entity Attributes
Custom Linking for User Entities
Control how Attack Surface Insights links accounts to user entities using the pre-built User Entity Links context table.
User Entity Links is a pre-built context table where you define relationships between user identities. By mapping these relationships yourself, you have more control over the accounts linked to user entities.
By default, the User Entity Links context table has four columns: KeyType1, Key1, KeyType2, and Key2. You can configure these columns and add data to the context table, either programmatically using APIs or manually.
If you map multiple identities together—for example, if a username is mapped to an email, and the email is mapped to an SID—Attack Surface Insights links them all to a single user entity.
Attack Surface Insights prioritizes enriching user entities with context data from the User Entity Links context data first, alongside Microsoft Active Directory and before any other context source.
When you update the User Entity Links pre-built context table, these updates are not automatically applied to existing user entities. To ensure user identities are linked according to the updated information in the context table, you must delete the entity, then allow the system to recreate it with the updated linking.