> ## Documentation Index
> Fetch the complete documentation index at: https://agents.laso.finance/llms.txt
> Use this file to discover all available pages before exploring further.

# Get a login link for the web dashboard

> Returns a URL that a human can open in a browser to log in to the Laso Finance web dashboard as the authenticated user. Useful for humans who want to see what their AI agent has been doing (view cards, transactions, balances, etc.).

Requires a Bearer token from `/auth` or `/get-card`.



## OpenAPI

````yaml /api-reference/openapi.json get /get-auth-link
openapi: 3.1.0
info:
  title: Laso Finance x402 API
  version: 1.0.0
  description: >-
    Payment-gated API for Laso Finance. All paywalled routes use the x402
    protocol — the caller includes a USDC payment header on Base (eip155:8453)
    or Solana (solana:5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp) and the server verifies
    payment before processing. Free routes require no payment header.


    ## Getting started


    To set up a wallet for making x402 payments, choose a provider:


    - **Locus** (default): https://paywithlocus.com/SKILL.md

    - **Sponge**: https://wallet.paysponge.com/skill.md — automatic x402 service
    discovery

    - **Ampersend**: https://www.ampersend.ai/getting-started.md — self-custody
    on Base with dual-approval spending limits. Laso Finance is a default skill,
    so no manual endpoint registration is needed.


    ## How x402 works


    1. Call a paywalled endpoint without a payment header → receive a `402
    Payment Required` response containing payment details (price, recipient
    address, network).

    2. Construct an x402 payment header using the details from the 402 response.

    3. Replay the request with the payment header → the server verifies payment
    and processes the request.


    ## Authentication flow


    `GET /auth` is free: callers prove wallet ownership by sending a
    `SIGN-IN-WITH-X` header (CAIP-122 wallet signature). Paywalled routes
    (`/get-card`, `/order-gift-card`, `/get-push-to-card`, `/order-intl-card`)
    also return fresh auth credentials in their responses, so a payment is never
    required just to obtain a token.


    Most routes return auth credentials (`id_token`, `refresh_token`,
    `expires_in`). Use the `id_token` as a Bearer token to call authenticated
    Laso Finance endpoints like `/get-card-data`. When the `id_token` expires,
    use `POST /auth` with `grant_type: refresh_token` to get a new one.


    ## Important notes


    The `/get-card` USA prepaid card endpoint is U.S. only — issued in USD,
    usable at U.S.-based merchants only, and physical goods must ship to a U.S.
    address. For non-U.S. merchants or non-USD currencies, use `GET
    /order-intl-card` instead (international prepaid card, admin-fulfilled
    within 24 hours). All cards are intended for the caller's own use.


    For step-by-step instructions, read https://laso.finance/SKILL.md
servers:
  - url: https://laso.finance
    description: Production
security: []
paths:
  /get-auth-link:
    get:
      summary: Get a login link for the web dashboard
      description: >-
        Returns a URL that a human can open in a browser to log in to the Laso
        Finance web dashboard as the authenticated user. Useful for humans who
        want to see what their AI agent has been doing (view cards,
        transactions, balances, etc.).


        Requires a Bearer token from `/auth` or `/get-card`.
      operationId: getAuthLink
      responses:
        '200':
          description: Auth link generated
          content:
            application/json:
              schema:
                type: object
                properties:
                  auth_url:
                    type: string
                    description: >-
                      URL to open in a browser to log in to the Laso Finance
                      dashboard
                    example: https://laso.finance/?authToken=eyJ...
                  user_id:
                    type: string
                    description: The authenticated user's ID (wallet address)
                    example: 0xabc...
        '401':
          description: Missing or invalid Bearer token
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Error'
              example:
                error: Missing or invalid Authorization header
        '403':
          description: >-
            Account is frozen. The response includes a `frozen_message` field
            explaining why.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/FrozenError'
              example:
                error: Account is frozen
                frozen_message: >-
                  Your account is frozen pending a compliance review. Contact
                  support@laso.finance.
      security:
        - BearerAuth: []
components:
  schemas:
    Error:
      type: object
      properties:
        error:
          type: string
    FrozenError:
      type: object
      properties:
        error:
          type: string
          example: Account is frozen
        frozen_message:
          type: string
          description: Human-readable explanation of why the account is frozen
  securitySchemes:
    BearerAuth:
      type: http
      scheme: bearer
      description: ID token from `/auth` or `/get-card`

````