We can retrieve meta values for custom posts, users, comments, and taxonomies (tags and categories), by querying fields
metaValue (for a single value) and
metaValues (for an array of values) from the corresponding type:
Meta values may be public or private. For instance, user meta includes entry
wp_capabilities, which is private, while
description is public. And then there is
last_name, which may be public or private depending on the application.
The GraphQL API plugin does not impose which meta keys are public and which are private; this must be explicitly configured. By default, the list of allowed meta keys is empty.
Configuring the allowed meta keys permalink
This is the description for module "Schema Custom Post Meta". For the Users, Comments and Taxonomies modules, the procedure is similar.
In the "Schema Custom Post Meta" tab from the Settings, we must configure the list of meta keys that can be queried via the meta fields.
Each entry can either be:
- A regex (regular expression), if it's surrounded by
- The full option name, otherwise
For instance, both entries
/_edit_.*/ match meta key
There are 2 behaviors, "Allow access" and "Deny access":
👉🏽 Allow access: only the configured entries can be accessed, and no other can
👉🏽 Deny access: the configured entries cannot be accessed, all other entries can