Opensocial supports Signed Requests via the [http://code.google.com/apis/opensocial/docs/0.7/reference/gadgets.io.html#makeRequest gadgets.io.makeRequest()] function.  These requests have their arguments digitally signed so your application server can be sure that the requests are legitimate.  The technique used is a variation of the OAuth protocol.[[BR]][[BR]]Public Key[[BR]][[BR]]The hi5 public key is available at http://www.o.hi5modules.com/hi5modules.com.cert [[BR]][[BR]][[BR]]You can find sample PHP validation code [http://www.hi5networks.com/platform/browser/sampleapps/testOauth.php here][[BR]][[BR]][[BR]][[BR]]