BigCommerce metafields allow you to store your data in the BigCommerce platform, whether you’re a store owner, app developer or system integrator.
BigCommerce provides a permission system to protect metafields from being viewed or modified by other people.
When creating a metafield via an app or API account, you can choose from the following permission sets which control who can update a metafield value.
Permission | Description |
app_only | Metafield is only visible to the app or API account that created it |
read | Any app or API account can view the metafield but only the creator can update it |
write | Any app or API account can make changes |
read_and_sf_access | Any app or API account can view the metafield via REST or GraphQL but only the creator can update it |
write_and_sf_access | Any app or API account can make changes, and it’s available on the storefront GraphQL API. |
Despite these flexible permissions, you may still run into issues. Only the original creator of the meafield can make changes to the namespace, key or permission set of a metafield, or delete it. For example “You do not have permission to delete metafield”. These actions can only be performed by the app or API account that created the metafield. Unfortunately, this isn’t always practical or possible, e.g. lost credentials.
Overriding metafield permissions
BigCommerce has recognised the value of Metafields Manager and given it super permissions so that you can make changes to any metafield on your store. Whether that’s updating the value on a read-only metafield, updating the namespace, or deleting a metafield. All of these can be achieved within the app or through the import/export.
Changing metafield owner
For the more advanced use case, you may wish to update the owner of a metafield to another API account. For example, if you have a custom integration that manages product metafields that needs to be able to update and delete metafields owned by another user.
With Metafields Manager you can now change the owner of a metafield.