Enable Access to Metadata Without Enabling Access to Data, Too (Beta)
The Modify Metadata permission doesn’t impact direct customization of metadata using Setup UI pages, because those pages don’t use Metadata API for updates.
Where: This change applies to Lightning Experience, Salesforce Classic, and all versions of the mobile app in Professional, Performance, and Unlimited editions.
Some metadata, such as Apex, executes in system context, so be careful how you delegate the Modify Metadata permission. Modify Metadata allows deployment of Apex metadata, but it doesn’t allow some Apex development and debugging features that still require the Modify All Data permission.
Why: Previously, users needed the Modify All Data permission to deploy metadata using change sets, the Ant Migration Tool, or the Salesforce CLI. Some users don’t need the data access conferred by the Modify All Data permission, only the metadata access. Now users can deploy metadata if they have the Modify Metadata permission in addition to permissions enabling access to their chosen deployment tool and the feature the metadata supports. For example, to deploy a change set, users previously had to have permissions enabling the feature the change set customized and both the Deploy Change Sets permission and the Modify All Data permission. Users now need only the feature permission, the Deploy Change Sets permission, and the Modify Metadata permission to deploy the change set.