Simplify your stack and build anything. Or everything.
Schedule a Demo
USE CASES
Headless CMSEnterprise App BuilderHeadless E-CommerceDigital Asset Management
FEATURES
Multi-TenancyWhite LabelLocalizationAccess ControlAuth
CASE STUDIES

See what others are building with Payload.

Browse Case Studies
Build tomorrow’s web with a modern solution you truly own.
PAYLOAD IS FOR
DevelopersMarketing teamsEnterprise companiesAgencies & Consultancies
COMPARE PAYLOAD
Payload vs WordPressPayload vs ContentfulPayload vs SanityPayload vs StrapiPayload vs Directus
AGENCY TESTIMONIAL

"Payload has transformed the way our clients manage content. It's an indispensable tool for any modern agency."

Become a PartnerFind a Partner
Code-based nature means you can build on top of it to power anything.
Resources
DocumentationExamplesTemplatesGitHubReleasesBlog
Community
RoadmapDiscordCommunity Help
Payload Cloud

Deploy your entire stack in one place with Payload Cloud.

LoginCloud Pricing
It’s time to take back your content infrastructure.
Schedule a Demo
Enterprise Features
SSOAI Auto-EmbeddingPublishing WorkflowsVisual EditorStatic A/B testingAI features
Customer Stories
MicrosoftBlue OriginHello BelloMythical SocietyTekton
Featured Customer Story

Microsoft chose Payload to tell the world about AI.

Read the case study
LoginGet Started

Field-level Access Control

Field Access Control is Access Control used to restrict access to specific Fields within a Document.

To add Access Control to a Field, use the access property in your Field Config:

1
import type { Field } from 'payload';
2
3
export const FieldWithAccessControl: Field = {
4
// ...
5
access: {
6
// ...
7
},
8
}

Config Options

Access Control is specific to the operation of the request.

To add Access Control to a Field, use the access property in the Field Config:

1
import type { CollectionConfig } from 'payload';
2
3
export const Posts: CollectionConfig = {
4
slug: 'posts',
5
fields: [
6
{
7
name: 'title',
8
type: 'text',
9
access: {
10
create: ({ req: { user } }) => { ... },
11
read: ({ req: { user } }) => { ... },
12
update: ({ req: { user } }) => { ... },
13
},
14
};
15
],
16
};

The following options are available:

FunctionPurpose
createAllows or denies the ability to set a field's value when creating a new document. More details.
readAllows or denies the ability to read a field's value. More details.
updateAllows or denies the ability to update a field's value More details.

Create

Returns a boolean which allows or denies the ability to set a field's value when creating a new document. If false is returned, any passed values will be discarded.

Available argument properties:

OptionDescription
reqThe Request object containing the currently authenticated user
dataThe full data passed to create the document.
siblingDataImmediately adjacent field data passed to create the document.

Read

Returns a boolean which allows or denies the ability to read a field's value. If false, the entire property is omitted from the resulting document.

Available argument properties:

OptionDescription
reqThe Request object containing the currently authenticated user
idid of the document being read
docThe full document data.
siblingDataImmediately adjacent field data of the document being read.

Update

Returns a boolean which allows or denies the ability to update a field's value. If false is returned, any passed values will be discarded.

If false is returned and you attempt to update the field's value, the operation will not throw an error however the field will be omitted from the update operation and the value will remain unchanged.

Available argument properties:

OptionDescription
reqThe Request object containing the currently authenticated user
idid of the document being updated
dataThe full data passed to update the document.
siblingDataImmediately adjacent field data passed to update the document with.
docThe full document data, before the update is applied.
Next

Hooks Overview

Related Help Topics