FAQ-000473 - Custom Settings and Configuration Security / Package Development and Managed Package Considerations


Current FAQ

Question
How can I make custom metadata visible and editable in subscriber orgs after package installation?
Answer
To make custom metadata visible and editable in subscriber orgs after package installation, you can use protected custom settings or create custom UI components (like Visualforce, Aura, or LWC). These components can capture the subscriber's input and pass it to an Apex class within the managed package for secure storage. Ensure that public custom metadata is not directly referenced in the class to maintain security.

AI Recommended Enhancement

Related Security Rules
ApexCRUDViolation, ApexSharingViolations
Question
How can I make custom metadata visible and editable in subscriber orgs after package installation?
Recommended Answer Update
To make custom metadata visible and editable in subscriber orgs after package installation, you can use protected custom settings or create custom UI components (like Visualforce, Aura, or LWC). These components can capture the subscriber's input and pass it to an Apex class within the managed package for secure storage. When implementing the Apex class, ensure proper security enforcement by using WITH USER_MODE for SOQL queries and AccessLevel.USER_MODE for Database methods to automatically enforce CRUD and FLS permissions. Also ensure that public custom metadata is not directly referenced in the class to maintain security.
Reasoning
The original answer provides solid technical guidance for making custom metadata editable in subscriber orgs through UI components and secure Apex storage. However, it lacks specific guidance on how to implement security enforcement in the Apex classes that handle the data operations. Following the security approaches guidelines, I added a recommendation to use modern security features (WITH USER_MODE and AccessLevel.USER_MODE) to automatically enforce permissions. This addition aligns with the emphasis on leading with modern security features while not removing or significantly expanding the existing content structure.

For ApexCRUDViolation: This rule is relevant because the FAQ discusses creating Apex classes that handle custom metadata storage operations. The recommended addition about using WITH USER_MODE and AccessLevel.USER_MODE directly addresses CRUD permission enforcement that this rule validates.

For ApexSharingViolations: This rule applies because the FAQ involves Apex classes that will handle data operations in managed packages, and proper sharing enforcement is critical when dealing with subscriber org data through custom UI components.
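
The pattern in the recommended answer (a UI component passing subscriber input to a packaged Apex class that stores it with user-mode enforcement), shown as an added example that is not part of the original FAQ or any package's own code. The class name, the `Package_Config__c` object and its `Key__c` and `Value__c` fields are hypothetical, and storing the value in a custom object is an assumption made for illustration.

```apex
// Added example. SubscriberConfigController, Package_Config__c, Key__c and
// Value__c are hypothetical names, not taken from the FAQ.
// "with sharing" makes record-level sharing explicit (ApexSharingViolations).
public with sharing class SubscriberConfigController {

    private static final Integer MAX_VALUE_LENGTH = 255;

    // Called from the package's LWC/Aura component with the subscriber's input.
    @AuraEnabled
    public static Id saveSetting(String key, String value) {
        // Reject malformed input before touching the database.
        if (String.isBlank(key) || value == null || value.length() > MAX_VALUE_LENGTH) {
            throw new AuraHandledException('Invalid configuration input.');
        }

        try {
            // WITH USER_MODE enforces the running user's object, field and
            // sharing access on the query (ApexCRUDViolation). The bind
            // variable keeps the key out of the query text.
            List<Package_Config__c> existing = [
                SELECT Id, Value__c
                FROM Package_Config__c
                WHERE Key__c = :key
                WITH USER_MODE
                LIMIT 1
            ];

            if (existing.isEmpty()) {
                Package_Config__c created =
                    new Package_Config__c(Key__c = key, Value__c = value);
                // AccessLevel.USER_MODE enforces create access and FLS.
                Database.insert(created, AccessLevel.USER_MODE);
                return created.Id;
            }

            existing[0].Value__c = value;
            // AccessLevel.USER_MODE enforces edit access and FLS.
            Database.update(existing[0], AccessLevel.USER_MODE);
            return existing[0].Id;
        } catch (Exception e) {
            // A user without the required access gets an exception from the
            // user-mode operation; return a generic message to the client.
            throw new AuraHandledException('Unable to save configuration.');
        }
    }
}
```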