---
title: Request Parameter Signature Requirement
description: In PingOne, you can specify how an application sends the optional request parameter in its authorization requests. The application can send authorization requests with or without the request parameter, and with or without an optional digital signature.
component: pingone
page_id: pingone:applications:p1_request_parameter_signature_requirement
canonical_url: https://docs.pingidentity.com/pingone/applications/p1_request_parameter_signature_requirement.html
revdate: June 22, 2023
section_ids:
  related-links: Related links
---

# Request Parameter Signature Requirement

In PingOne, you can specify how an application sends the optional `request` parameter in its authorization requests. The application can send authorization requests with or without the `request` parameter, and with or without an optional digital signature.

You can choose a more secure option, a more flexible option, or a balance between the two. For more information, see <https://openid.net/specs/openid-connect-core-1_0.html#JWTRequests>.

In PingOne, you can choose from the following options when configuring an OIDC-based application:

* Default

  Allow the application to send authorization requests with or without the request parameter as defined in the OpenID specification. When using the request parameter, the application must include a digital signature. This option provides a balance of security and flexibility.

* Require signed request parameters

  Require the application to use the request parameter as defined in the OpenID specification and include a digital signature in its authorization requests. This option provides the most security.

* Allow unsigned request parameters

  Allow the application to send authorization requests with or without the request parameter as defined in the OpenID specification. When using the request parameter, the application has the option to include a digital signature or not. This option provides the most flexibility.

The following table shows a comparison of the different options.

| Selection                         | Authentication request | Signed request | Unsigned request |
| --------------------------------- | ---------------------- | -------------- | ---------------- |
| Default                           | Yes                    | Yes            |                  |
| Require signed request parameters |                        | Yes            |                  |
| Allow unsigned request parameters | Yes                    | Yes            | Yes              |

## Related links

* [Editing an application - OIDC](p1_edit_application_oidc.html)

* [Editing an application - Native](p1_edit_application_native.html)

* [Editing an application - Single page](p1_edit_application_singlepage.html)