Skip to main content
PATCH
/
app
/
config
/
social-media-urls
Update social media URLs configuration
curl --request PATCH \
  --url https://handauncle-backend-prod-205012263523.asia-south1.run.app/app/config/social-media-urls \
  --header 'Content-Type: application/json' \
  --header 'x-backend-secret: <x-backend-secret>' \
  --data '
{
  "twitter": "https://x.com/handauncle",
  "instagram": "https://instagram.com/handauncle.official"
}
'
{
  "success": true,
  "data": {
    "message": "Social media URLs updated successfully",
    "socialMediaUrls": {
      "facebook": "https://www.facebook.com/handauncle",
      "instagram": "https://instagram.com/handauncle.official",
      "linkedin": "https://www.linkedin.com/company/handauncle",
      "twitter": "https://x.com/handauncle"
    }
  },
  "meta": {
    "requestId": "req_674e2f8e2g5f7h9i1d4e6f8g",
    "timestamp": "2025-12-10T14:36:14.890Z"
  }
}
Admin endpoint to update social media profile URLs for Facebook, Instagram, LinkedIn, and Twitter.
This is an administrative endpoint that requires authentication via the BACKEND_SECRET. Only authorized administrators should have access to this endpoint.

Authentication

This endpoint requires the x-backend-secret header with a value matching the BACKEND_SECRET environment variable configured on the server. 
x-backend-secret: your-backend-secret-here

Optional Headers

  • x-user-id: User ID of the administrator making the change (defaults to “admin”)

Request Body

All fields are optional. Only include the URLs you want to update:
  • facebook: Facebook page URL (must be valid URL)
  • instagram: Instagram profile URL (must be valid URL)
  • linkedin: LinkedIn company page URL (must be valid URL)
  • twitter: Twitter/X profile URL (must be valid URL)

Validation

  • All URLs must be properly formatted (start with http:// or https://)
  • Invalid URLs will return a 400 Bad Request error

Example

Update Twitter URL to X.com

cURL
curl -X PATCH 'https://api.handauncle.com/app/config/social-media-urls' \
  -H 'Content-Type: application/json' \
  -H 'x-backend-secret: sk_live_a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6' \
  -H 'x-user-id: admin@handauncle.com' \
  -d '{
    "twitter": "https://x.com/handauncle"
  }'
Node.js
const response = await fetch('https://api.handauncle.com/app/config/social-media-urls', {
  method: 'PATCH',
  headers: {
    'Content-Type': 'application/json',
    'x-backend-secret': process.env.BACKEND_SECRET,
    'x-user-id': 'admin@handauncle.com'
  },
  body: JSON.stringify({
    twitter: 'https://x.com/handauncle'
  })
});

const result = await response.json();
console.log(result.data.message);
Python
import requests
import os

response = requests.patch(
    'https://api.handauncle.com/app/config/social-media-urls',
    headers={
        'Content-Type': 'application/json',
        'x-backend-secret': os.environ['BACKEND_SECRET'],
        'x-user-id': 'admin@handauncle.com'
    },
    json={'twitter': 'https://x.com/handauncle'}
)

result = response.json()
print(f"Status: {result['success']}")
print(f"Twitter URL: {result['data']['socialMediaUrls']['twitter']}")

Response

{
  "success": true,
  "data": {
    "message": "Social media URLs updated successfully",
    "socialMediaUrls": {
      "facebook": "https://facebook.com/handauncle",
      "instagram": "https://instagram.com/handauncle",
      "linkedin": "https://www.linkedin.com/company/handauncle",
      "twitter": "https://x.com/handauncle"
    }
  },
  "meta": {
    "timestamp": "2025-12-10T14:38:27.891Z",
    "request_id": "req_674e311bd3c5e6f7a8b9c0d1"
  }
}

Update Multiple URLs at Once

cURL
curl -X PATCH 'https://api.handauncle.com/app/config/social-media-urls' \
  -H 'Content-Type: application/json' \
  -H 'x-backend-secret: sk_live_a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6' \
  -H 'x-user-id: marketing@handauncle.com' \
  -d '{
    "facebook": "https://facebook.com/handauncle.official",
    "instagram": "https://instagram.com/handauncle.official",
    "twitter": "https://x.com/handauncle",
    "linkedin": "https://www.linkedin.com/company/handa-uncle"
  }'
Node.js
const updates = {
  facebook: 'https://facebook.com/handauncle.official',
  instagram: 'https://instagram.com/handauncle.official',
  twitter: 'https://x.com/handauncle',
  linkedin: 'https://www.linkedin.com/company/handa-uncle'
};

const response = await fetch('https://api.handauncle.com/app/config/social-media-urls', {
  method: 'PATCH',
  headers: {
    'Content-Type': 'application/json',
    'x-backend-secret': process.env.BACKEND_SECRET,
    'x-user-id': 'marketing@handauncle.com'
  },
  body: JSON.stringify(updates)
});

const result = await response.json();
console.log('All social URLs updated:', result.data.socialMediaUrls);

Error Responses

401 Unauthorized

Missing or invalid backend secret: 
{
  "success": false,
  "error": {
    "code": "UNAUTHORIZED",
    "message": "Invalid backend secret"
  }
}

400 Bad Request

Invalid URL format: 
{
  "success": false,
  "error": {
    "code": "VALIDATION_ERROR",
    "message": "facebook must be a valid URL"
  }
}

Audit Trail

All updates are logged with:
  • Timestamp of the change
  • User ID who made the change (from x-user-id header)
  • Fields that were modified
You can query the MongoDB app_configuration collection to see the audit trail: 
db.app_configuration.findOne({ config_key: 'social_media_urls' })

See Also

Headers

x-backend-secret
string
required

Backend secret for authentication

x-user-id
string

User ID performing the update (optional, defaults to 'admin')

Body

application/json
facebook
string<uri>
instagram
string<uri>
linkedin
string<uri>
twitter
string<uri>

Response

Social media URLs updated successfully.

success
enum<boolean>
required
Available options:
true
data
object
required
Example:
{
  "message": "Social media URLs updated successfully",
  "socialMediaUrls": {
    "facebook": "https://www.facebook.com/handauncle",
    "instagram": "https://instagram.com/handauncle.official",
    "linkedin": "https://www.linkedin.com/company/handauncle",
    "twitter": "https://x.com/handauncle"
  }
}
meta
object
required