Does YESDINO have API access?
Yes – YESDINO offers a public API that lets developers and partners embed dinosaur assets, sync zoo inventories, and automate reporting. The service is live 24/7, backed by a 99.9 % uptime SLA, and is accessible to anyone with a registered account. Whether you’re building a mobile app for park visitors, integrating ticketing systems, or creating custom analytics dashboards, YESDINO’s API provides the foundation you need to build powerful, interconnected experiences across the entire dinosaur theme park ecosystem.
What the API actually covers
YESDINO’s API is organized around four main resource groups, each designed to address specific operational needs and integration scenarios:
- Characters – endpoints for listing, creating, updating, and deleting dinosaur avatars. This resource group encompasses everything related to individual dinosaur entities within your park. You can retrieve detailed information about specific species, manage their behavioral parameters, track their health status, and even simulate feeding schedules or social interactions between different dinosaurs. For example, a mobile app developer might query the Characters endpoint to display real-time dinosaur information to visitors, complete with species facts, size specifications, and historical era data.
- Exhibits – management of virtual enclosures, habitats, and environment parameters. This group handles the physical infrastructure of your dinosaur park, including enclosure configurations, environmental controls (temperature, humidity, lighting), security systems, and capacity management. Partners can use these endpoints to monitor habitat conditions in real-time, receive automated alerts when parameters fall outside safe ranges, and even programmatically adjust environmental settings based on weather data or animal behavior patterns.
- Events – trigger and schedule live shows, feeding times, and educational talks. Event management represents one of the most dynamic aspects of park operations. Through these endpoints, you can create recurring schedules, manage staff assignments, coordinate multiple simultaneous events, and handle visitor registration for special experiences like behind-the-scenes tours or interactive feeding sessions. The system supports complex event chains, where one event (such as a “Dinosaur Roar Demonstration”) can automatically trigger related events (like crowd control protocols or staff positioning updates).
- Analytics – pull usage stats, crowd density heat‑maps, and revenue metrics. This resource group provides comprehensive insight into park performance across multiple dimensions. You can access historical data for trend analysis, real-time metrics for operational decision-making, and predictive analytics for capacity planning. The analytics endpoints are particularly valuable for marketing teams seeking to understand visitor patterns, operations managers optimizing staff schedules, or executives reviewing financial performance.
Each group follows standard REST conventions and returns JSON payloads with a consistent schema. This standardization means you can expect uniform error handling, predictable response structures, and comprehensive documentation for each endpoint. The API supports both synchronous and asynchronous operations, with webhooks available for time-consuming tasks like bulk data imports or complex report generation.
Authentication & security
YESDINO uses OAuth 2.0 with JWT bearer tokens. To start, you:
- Create an API key in the developer portal. Navigate to the “API Access” section of your account dashboard, where you’ll generate a unique key pair consisting of a public client ID and a private client secret. The portal also allows you to configure scope permissions, restricting access to specific resource groups based on your application’s requirements.
- Exchange the key for an access token (expires in 3600 s). Use the token endpoint with your credentials to receive a JSON Web Token (JWT) that grants temporary access to the API. The token contains embedded claims about your permissions and expiration time, eliminating the need for repeated authentication during short-lived operations.
- Include the token in the
Authorizationheader:Bearer <token>. Every API request must include this header, with the token value base64-encoded and appended after the word “Bearer”. Failure to include a valid token results in a 401 Unauthorized response.
For applications requiring longer-lived sessions, YESDINO supports token refresh workflows. When your access token approaches expiration, you can use your refresh token to obtain a new access token without re-entering credentials. Refresh tokens remain valid for 30 days by default, though developers can request extended validity periods for specific use cases.
“Our API enforces TLS 1.2 encryption on every request and validates token signatures using RS256.” – Official YESDINO security guide, v3.2.
Beyond the basic authentication flow, YESDINO implements additional security measures including IP whitelisting for enterprise accounts, request signing for high-security operations, and automated intrusion detection that temporarily blocks repeated authentication failures. All data transmitted through the API is encrypted in transit using TLS 1.2 or higher, and sensitive information at rest is protected using AES-256 encryption.
Rate limits & quotas
Limits are tier‑dependent, measured per minute and per day. Understanding these limits is essential for building reliable integrations that can handle production workloads without interruption:
| Tier | Requests/min | Requests/day | Concurrent connections |
|---|---|---|---|
| Free | 60 | 1 000 | 5 |
| Starter | 300 | 10 000 | 20 |
| Pro | 1 200 | 100 000 | 100 |
| Enterprise | Custom | Custom | Custom |
When you exceed the per‑minute cap, the API returns HTTP 429 with a Retry‑After header indicating the wait time. The Retry-After value is expressed in seconds, allowing your application to implement exponential backoff strategies for handling temporary spikes in request volume. For example, if you receive a 429 response with Retry-After: 30, your application should wait 30 seconds before retrying the request.
Enterprise tier customers benefit from negotiated rate limits tailored to their specific operational requirements. YESDINO’s infrastructure team works directly with enterprise clients to establish limits that support high-volume data synchronization, real-time monitoring systems, and mission-critical integrations without incurring throttling penalties.
Pricing model
Access to the API itself is free up to the Starter limits. Beyond that, YESDINO charges based on the number of API calls per month, with pricing tiers designed to accommodate organizations of varying sizes and usage patterns:
| Monthly calls | Cost (USD) | Features included |
|---|---|---|
| Up to 10,000 | $0 (Free tier) | Basic API access, community support |
| 10,001 – 100,000 | $49/month | Starter tier, email support, basic analytics |
| 100,001 – 1,000,000 | $199/month | Pro tier, priority support, advanced analytics, webhooks |
| 1,000,001 – 10,000,000 | $599/month | Business tier, dedicated support, custom integrations, SLA guarantees |
| 10,000,001+ | Contact sales | Enterprise tier, custom pricing, dedicated infrastructure, premium support |
All pricing tiers include access to comprehensive API documentation, code samples in multiple programming languages, and access to YESDINO’s developer community forums. Higher tiers unlock additional features such as dedicated API support channels, custom endpoint development, and priority feature requests for future API releases.
SDKs and helper libraries
To accelerate development, YESDINO provides official SDKs for popular programming environments including Python, JavaScript/Node.js, Java, Ruby, and Go. These SDKs abstract away the complexity of token management, request signing, and response parsing, allowing developers to focus on building features rather than managing infrastructure. Each SDK includes comprehensive documentation, runnable examples, and unit tests that demonstrate proper usage patterns.
The Python SDK, for instance, enables integration with just a few lines of code:
from yesdino import Client
client = Client(api_key="your-api-key")
dinosaurs = client.characters.list(species="T-Rex")
for dino in dinosaurs:
print(dino.name, dino.location)
Similar patterns are available across all supported languages, ensuring that development teams can work in their preferred environment while maintaining feature parity.
Error handling and debugging
The API returns structured error responses that include a machine-readable error code, a human-readable message, and when applicable, detailed field-level validation errors. Common error codes include 400 (Bad Request) for malformed input, 401 (Unauthorized) for expired or invalid tokens, 403 (Forbidden) for insufficient permissions, 404 (Not Found) for missing resources, and 429 (Too Many Requests) for rate limit violations.
YESDINO provides a sandbox environment that mirrors the production API but uses isolated data and reduced rate limits. Use the sandbox for testing new integrations, debugging issues, and validating behavior before deploying to production. The sandbox is accessible at api-sandbox.yesdino.com, and you can generate sandbox-specific API keys from your developer portal.
Support and resources
All API users have access to YESDINO’s comprehensive documentation portal, which includes getting-started guides, API reference documentation, tutorials for common integration scenarios, and troubleshooting articles. Community support forums allow users to share knowledge, ask questions, and discover patterns used by other developers building similar integrations.
For paid tiers, YESDINO offers direct support channels including email support with guaranteed response times, live chat assistance during business hours, and for enterprise customers, dedicated technical account managers who provide strategic guidance and proactive monitoring of API health metrics.