> For the complete documentation index, see [llms.txt](https://docs.veza.com/4yItIzMvkpAvMVFAamTf/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.veza.com/4yItIzMvkpAvMVFAamTf/features/nhi/nhi-suggested-owners.md). # NHI Suggested Owners {% hint style="info" %} **Early Access**: NHI Suggested Owners is available to customers with Access AI enabled. After your account team enables Access AI for your tenant, a Veza administrator must turn on the **Access AI Chat** toggle from the **Early Access** menu in the Veza UI before the feature is available. See [Requirements](#requirements) for details. {% endhint %} When Veza discovers an unowned NHI account, NHI Suggested Owners analyzes the Veza Access Graph to recommend up to three human owner candidates based on entity metadata and graph relationships. This feature can reduce the effort of identifying accountable owners, enable accountability at scale, and assist in owner assignment for entities with no known human owner. Each recommendation includes a confidence score and a plain-language explanation of why that person is a good match. ## How It Works The analysis agent evaluates each NHI through four phases, using signals from strongest to weakest. It resolves every candidate to a confirmed identity in your connected IdP or HRIS before presenting results. | Phase | Analysis Method | Confidence | | ---------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ----------------------- | | **1. Property and tag analysis** | Scans NHI metadata for ownership identifiers, including key attributes such as `creator`, `manager`, `contact`, or `admin`, and any value that resembles an email, username, or employee ID. Matches are resolved to IdP users. | High (90–95%) | | **2. Graph relationship analysis** | Examines all direct edges on the NHI node (creation, ownership, administrative, and permission relationships) and hierarchical container ownership. Also inspects properties of directly connected non-human nodes for hidden ownership signals. | High to Low (50–95%) | | **3. Pattern discovery** | Finds similar NHI resources that already have owners and identifies how those owners relate to them (for example, "85% of similar Lambda functions have a CREATED\_BY edge to their owner"). Applies discovered patterns to the unowned NHI. | Medium to High (65–85%) | | **4. Graph proximity** | Falls back to a breadth-first traversal of up to five hops through the Access Graph to find the nearest connected human identity. | Low (<50%) | The agent scores and ranks all candidates, then presents the top three. The response includes an overall confidence score and percentage ratings for each suggestion. ## Viewing Suggested Owners 1. Navigate to **NHI Security > NHI Accounts**. 2. Locate an unowned NHI account in the table. 3. Click the **AI Suggest Owner** button (the AI assistant icon) in the row actions. 4. An Access AI panel opens and runs the ownership analysis. Results appear as up to three ranked candidates, each showing: * Candidate name and confidence label (High / Medium / Low) * Primary signal source (for example, "Created the resource" or "Owns 3 similar service accounts") * Detailed reasoning bullets explaining the match ## Assigning an Owner From the Suggested Owners results: 1. Review the ranked candidates and their reasoning. 2. Click **Assign** on the candidate you want to assign. 3. Confirm the assignment in the dialog that appears. The confirmation shows the confidence score and primary reasoning for the selected candidate. 4. A success notification confirms the owner has been assigned. After the assignment, the NHI account appears as owned and can be included in Access Reviews and governance workflows. ## Requirements * **Access AI must be enabled for your tenant**: contact your account team to enable Access AI capabilities. This feature is in Early Access. * **Access AI Chat must be turned on**: after Access AI is enabled for the tenant, a Veza administrator opens the **Early Access** menu (top-right of the Veza UI) and enables the **Access AI Chat** toggle. NHI Suggested Owners is unavailable until this toggle is on. * **IdP or HRIS integration required**: all suggested candidates are resolved to confirmed identities in a connected identity provider. NHIs in environments without an IdP integration configured will return fewer or no suggestions. Configuring a [Global Identity Provider](/4yItIzMvkpAvMVFAamTf/features/access-reviews/configuration/global-idp-settings.md) enables identity mapping based on manager assignments in your IdP or HRIS source of truth, but is not required. * **Applies to NHI entity types only**: the feature activates on accounts classified as non-human (`identity_type = NonHuman`). ## Related Documentation * [NHI Security](/4yItIzMvkpAvMVFAamTf/features/nhi.md): discovery, governance, and lifecycle management for non-human identities * [Assign Entity Owners](/4yItIzMvkpAvMVFAamTf/features/access-reviews/configuration/managers-and-resource-owners.md): manual and bulk ownership assignment options * [Access AI](/4yItIzMvkpAvMVFAamTf/features/access-ai.md): natural language queries and AI-powered analysis for identity security * [NHI Supported Entities](/4yItIzMvkpAvMVFAamTf/features/nhi/nhi-entities.md): entity types classified as non-human by Veza * [Owners API](/4yItIzMvkpAvMVFAamTf/developers/api/management/owners.md): bulk update entity owners --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://docs.veza.com/4yItIzMvkpAvMVFAamTf/features/nhi/nhi-suggested-owners.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.