diff --git a/src/TideSearchOperation.php b/src/TideSearchOperation.php
index dff2b05..30a9cb2 100644
--- a/src/TideSearchOperation.php
+++ b/src/TideSearchOperation.php
@@ -334,5 +334,27 @@ public function setCoreSearchApiFields() {
 
     $config->save();
   }
-
+  
+  /**
+   * Defines the name of the field that contains elasticsearch query config.
+   */
+  const SEARCH_CONFIG_FIELD = "field_search_configuration";
+  
+  /**
+   * Restricts field_search_configuration to administrators.
+   */
+  public function restrictFieldSearchConfiguration() {
+    $config_factory = \Drupal::configFactory();
+    $config = $config_factory->getEditable('field.storage.node.field_search_configuration');
+    $config->set('third_party_settings', ['field_permissions' => ['permission_type' => 'custom']]);
+    $config->save();
+    
+    foreach (["anonymous", "authenticated"] as $role_id) {
+      $role = \Drupal::entityTypeManager()->getStorage('user_role')->load($role_id);
+      $role->grantPermission(sprintf("view %s", self::SEARCH_CONFIG_FIELD));
+      $role->grantPermission(sprintf("view own %s", self::SEARCH_CONFIG_FIELD));
+      $role->save();
+    }
+  }
+  
 }
diff --git a/tide_search.install b/tide_search.install
index cae52d0..682eb09 100644
--- a/tide_search.install
+++ b/tide_search.install
@@ -117,3 +117,11 @@ function tide_search_update_10004() {
   _tide_core_field_content_category_default_value('tide_search_listing', 'Search listing');
   _tide_core_content_category_form_display('tide_search_listing');
 }
+
+/**
+ * Restricts field_search_configuration to administrators.
+ */
+function tide_search_update_10005() {
+  $tideSearchOperation = new TideSearchOperation();
+  $tideSearchOperation->restrictFieldSearchConfiguration();
+}