FAQ-000487 - Custom Settings and Configuration Security / Post-Installation Configuration and Customer Setup


Current FAQ

Question
How can I allow users without admin permissions to modify specific custom metadata records securely?
Answer
To allow users without admin permissions to securely modify specific custom metadata records, you can:

1. **Create a Custom UI**: Use Visualforce, Aura, or Lightning Web Components (LWC) to build a user interface for capturing changes.
2. **Process Changes in Apex**: Pass the user input to an Apex class within the managed package for secure processing and updating of the custom metadata records.
3. **Restrict Access**: Use specific profiles or permission sets to control access to this functionality, ensuring only authorized users can make modifications.

This approach ensures secure and controlled updates to custom metadata records.

AI Recommended Enhancement

Related Security Rules: ApexCRUDViolation, ApexSharingViolations
Question
How can I allow users without admin permissions to modify specific custom metadata records securely?
Recommended Answer Update
To allow users without admin permissions to securely modify specific custom metadata records, you can:

1. **Create a Custom UI**: Use Visualforce, Aura, or Lightning Web Components (LWC) to build a user interface for capturing changes.
2. **Process Changes in Apex**: Pass the user input to an Apex class within the managed package for secure processing and updating of the custom metadata records. Ensure your Apex code enforces proper security by using `WITH USER_MODE` in SOQL queries and `AccessLevel.USER_MODE` for Database methods to automatically enforce CRUD and FLS permissions.
3. **Restrict Access**: Use specific profiles or permission sets to control access to this functionality, ensuring only authorized users can make modifications.

This approach ensures secure and controlled updates to custom metadata records.
Reasoning
The original answer provides a solid architectural approach but lacks specific security guidance for the Apex implementation. I added a brief mention of modern security enforcement features (`WITH USER_MODE` and `AccessLevel.USER_MODE`) to the existing point about Apex processing, following the FAQ review guidelines that prioritize modern security features. This addition aligns with the ApexCRUDViolation and ApexSharingViolations rules by highlighting how to properly enforce permissions in the Apex code that would handle the custom metadata updates. The structure, length, and all existing points were preserved - I only enhanced the existing Apex point with security context.

For ApexCRUDViolation: This rule is relevant because the FAQ discusses "Process Changes in Apex" for updating custom metadata records. When implementing Apex code to handle these updates, developers need to ensure proper CRUD permissions are enforced, which this rule validates.

For ApexSharingViolations: This rule applies because the FAQ mentions creating Apex classes to process user input and update records. The Apex code implementing this functionality should properly respect sharing rules and user permissions, which this rule helps enforce.