Skip to main content
PATCH
/
app
/
config
/
system-urls
Update system URLs configuration
curl --request PATCH \
  --url https://handauncle-backend-prod-205012263523.asia-south1.run.app/app/config/system-urls \
  --header 'Content-Type: application/json' \
  --header 'x-backend-secret: <x-backend-secret>' \
  --data '
{
  "supportEmail": "support@handauncle.com",
  "faqs": "https://help.handauncle.com/faqs"
}
'
{
  "success": true,
  "data": {
    "message": "System URLs updated successfully",
    "systemUrls": {
      "termsAndConditions": "https://www.handauncle.com/terms",
      "privacyPolicy": "https://www.handauncle.com/privacy",
      "faqs": "https://help.handauncle.com/faqs",
      "supportEmail": "support@handauncle.com"
    }
  },
  "meta": {
    "requestId": "req_674e2f7d1f4e6g8h0c3d5e7f",
    "timestamp": "2025-12-10T14:35:28.567Z"
  }
}
Admin endpoint to update system URLs including terms and conditions, privacy policy, FAQs, and support email.
This is an administrative endpoint that requires authentication via the BACKEND_SECRET. Only authorized administrators should have access to this endpoint.

Authentication

This endpoint requires the x-backend-secret header with a value matching the BACKEND_SECRET environment variable configured on the server. 
x-backend-secret: your-backend-secret-here

Optional Headers

  • x-user-id: User ID of the administrator making the change (defaults to “admin”)

Request Body

All fields are optional. Only include the URLs you want to update:
  • termsAndConditions: URL to the terms and conditions page (must be valid URL)
  • privacyPolicy: URL to the privacy policy page (must be valid URL)
  • faqs: URL to the FAQs page (must be valid URL)
  • supportEmail: Support email address (must be valid email format)

Validation

  • All URLs must be properly formatted (start with http:// or https://)
  • Email must be in valid email format
  • Invalid values will return a 400 Bad Request error

Example

Update Support Email and FAQs URL

cURL
curl -X PATCH 'https://api.handauncle.com/app/config/system-urls' \
  -H 'Content-Type: application/json' \
  -H 'x-backend-secret: sk_live_a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6' \
  -H 'x-user-id: admin@handauncle.com' \
  -d '{
    "supportEmail": "support@handauncle.com",
    "faqs": "https://help.handauncle.com/faqs"
  }'
Node.js
const response = await fetch('https://api.handauncle.com/app/config/system-urls', {
  method: 'PATCH',
  headers: {
    'Content-Type': 'application/json',
    'x-backend-secret': process.env.BACKEND_SECRET,
    'x-user-id': 'admin@handauncle.com'
  },
  body: JSON.stringify({
    supportEmail: 'support@handauncle.com',
    faqs: 'https://help.handauncle.com/faqs'
  })
});

const result = await response.json();
console.log('Updated:', result.data.systemUrls);
Python
import requests
import os

response = requests.patch(
    'https://api.handauncle.com/app/config/system-urls',
    headers={
        'Content-Type': 'application/json',
        'x-backend-secret': os.environ['BACKEND_SECRET'],
        'x-user-id': 'admin@handauncle.com'
    },
    json={
        'supportEmail': 'support@handauncle.com',
        'faqs': 'https://help.handauncle.com/faqs'
    }
)

print(response.json())

Response

{
  "success": true,
  "data": {
    "message": "System URLs updated successfully",
    "systemUrls": {
      "termsAndConditions": "https://www.handauncle.com/terms-and-conditions",
      "privacyPolicy": "https://www.handauncle.com/privacy-policy",
      "faqs": "https://help.handauncle.com/faqs",
      "supportEmail": "support@handauncle.com"
    }
  },
  "meta": {
    "timestamp": "2025-12-10T14:35:42.123Z",
    "request_id": "req_674e3056d2a4b5c6e7f8g9h0"
  }
}

Error Responses

401 Unauthorized

Missing or invalid backend secret: 
{
  "success": false,
  "error": {
    "code": "UNAUTHORIZED",
    "message": "Invalid backend secret"
  }
}

400 Bad Request

Invalid URL or email format: 
{
  "success": false,
  "error": {
    "code": "VALIDATION_ERROR",
    "message": "supportEmail must be a valid email"
  }
}

Audit Trail

All updates are logged with:
  • Timestamp of the change
  • User ID who made the change (from x-user-id header)
  • Fields that were modified
You can query the MongoDB app_configuration collection to see the audit trail: 
db.app_configuration.findOne({ config_key: 'system_urls' })

See Also

Headers

x-backend-secret
string
required

Backend secret for authentication

x-user-id
string

User ID performing the update (optional, defaults to 'admin')

Body

application/json
termsAndConditions
string<uri>
privacyPolicy
string<uri>
faqs
string<uri>
supportEmail
string<email>

Response

System URLs updated successfully.

success
enum<boolean>
required
Available options:
true
data
object
required
Example:
{
  "message": "System URLs updated successfully",
  "systemUrls": {
    "termsAndConditions": "https://www.handauncle.com/terms",
    "privacyPolicy": "https://www.handauncle.com/privacy",
    "faqs": "https://help.handauncle.com/faqs",
    "supportEmail": "support@handauncle.com"
  }
}
meta
object
required