--- title: Updates to metafield access controls - Shopify developer changelog description: >- Shopify’s developer changelog documents all changes to Shopify’s platform. Find the latest news and learn about new platform opportunities. source_url: html: 'https://shopify.dev/changelog/updates-to-metafield-access-controls' md: 'https://shopify.dev/changelog/updates-to-metafield-access-controls.md' metadata: effectiveApiVersion: 2024-07 affectedApi: - displayName: Admin GraphQL API handle: admin-graphql primaryTag: displayName: API handle: api secondaryTag: displayName: Update handle: update indicatesActionRequired: false createdAt: '2024-04-19T10:55:40-04:00' postedAt: '2024-05-09T09:00:00-04:00' updatedAt: '2024-05-08T12:26:06-04:00' effectiveAt: '2024-05-09T09:00:00-04:00' --- May 9, 2024 Tags: * Admin GraphQL API * 2024-07 # Updates to metafield access controls It is now possible for apps to view the [`access`](https://shopify.dev/docs/api/admin-graphql/unstable/objects/MetafieldDefinition#field-metafielddefinition-access) field of metafield definitions they have access to but do not own. An `AuthorizationError` error was previously returned when accessing the field for definitions the app didn't have permissions to manage. Note that accessing the [`access.grants`](https://shopify.dev/docs/api/admin-graphql/unstable/objects/MetafieldAccess#field-metafieldaccess-grants) field still requires permissions to manage the definition and an error will be returned if accessing the field with insufficient permissions. As of `2024-07`, the `admin` and `storefront` fields of [`MetafieldAccess`](https://shopify.dev/docs/api/admin-graphql/unstable/objects/MetafieldAccess#field-metafieldaccess-grants) will also start returning values in more cases instead of `null`. Metafields that do not have associated access grants will return `PUBLIC_READ_WRITE` for `admin` access and `LEGACY_LIQUID_ONLY` for `storefront`. In addition, definitions that were created with a storefront access of `NONE` will start returning `NONE` instead of `null`. Finally, it will also now be possible to set `PUBLIC_READ_WRITE` as the `admin` access control. Learn more about access controls for metafields on [Shopify.dev](https://shopify.dev/docs/apps/custom-data/metafields/definitions/access-controls).