Migrate Private Metafields

Regular metafields are “app-owned” if the metafield’s namespace contains your app's reserved namespace. An app reserved namespace is a metafield namespace that's prefixed with your app’s API client ID. This looks like:

app-{your-app-id}--{some-namespace}

Instead of requiring knowledge of your API client ID in the request, your app can use the $app: shorthand in front of the desired namespace to add the prefix. For example, if your app wanted to declare a private metafield with the namespace client_name, you would pass in $app:client_name as the namespace when creating the metafield through the [metafieldsSet](https://shopify.dev/docs/api/admin-graphql/2023-01/mutations/metafieldsSet) mutation. As a result, when reading this metafield back the namespace will look like:

app-12345–client_name

A metafield that uses a reserved prefix will be private by default and not accessible to anyone but your app. However, you may want to specify some granularity to how accessible your metafield can be.

Since the 2021-10 API release, developers can define the metafields they want to use on a resource by creating a metafield definition. Metafield definitions provide developers with validation options on the data stored, the ability to reserve a namespace/key on the resource it’s defined on and metadata about the field such as name and description.

In the 2023-01 API release, metafield definitions now offer a new input field named access that allows developers to specify the granularity in which the data stored in the metafield is exposed. There are three levels of access:

By default, metafields defined by apps under namespaces that they own (meaning that the namespace contains the app's reserved prefix) will be private to the app. Similar to app-data metafields, after a metafield is defined, reading and writing to it is the same as other regular metafields.