Use an operator email and password to open the protected StableInvoice workspace. Browser actions will then use a signed session cookie instead of relying on manual request headers.