---
title: Introducing explicit access grants for app-owned metafields - Shopify developer changelog
description: Shopify’s developer changelog documents all changes to Shopify’s platform. Find the latest news and learn about new platform opportunities.
source_url:
  html: https://shopify.dev/changelog/introducing-explicit-access-grants-for-app-owned-metafields
  md: https://shopify.dev/changelog/introducing-explicit-access-grants-for-app-owned-metafields.md
---

[Back to Developer changelog](https://shopify.dev/changelog)

October 1, 2023

Tags:

* API
* 2023-10

# Introducing explicit access grants for app-owned metafields

As of GraphQL Admin API version 2023-10, you can grant `READ` or `READ_WRITE` access to your metafields to explicitly specified apps, by using the new `grants` property of the `access` object in your `metafieldDefinitionCreate` and `metafieldDefinitionUpdate` mutations. You can pass a list of up to 16 grants per definition, specifying the grantee and the level of access to grant.

This could be useful if you need fine-grained control over access to your metafields, for example you could keep the admin access setting `PRIVATE` but explicitly grant access to other app ids.

Learn more about metafield access controls on [shopify.dev](https://shopify.dev/docs/apps/custom-data/metafields/definitions/access-controls).

Note that the introduction of explicit grants required a breaking change to the `metafieldDefinitionUpdate` mutation - see [Breaking change to metafieldDefinitionUpdate mutation: access input type changed](https://shopify.dev/changelog/breaking-change-to-metafielddefinitionupdate-mutation-access-input-type-changed) for details.