Access control

For metafields that you own (refer to ownership), you can control who has access to them.

If you create a metafield definition under a namespace that you own, and you don't specify an access setting for it, then the definition will be private to your app. This means that no other apps can read or write the metafield values under that definition, including the admin UI on behalf of the merchant. If you want merchants to be able to read or edit these values, then you can set admin access to MERCHANT_READ or MERCHANT_READ_WRITE.

In the example below, we create a definition under a namespace that we own. The merchant will have read-only access using the admin UI, but no other API clients will have access.