HMAC Generator
Generate HMAC signatures with SHA-1, SHA-256, SHA-384 and SHA-512.
How to Use the HMAC Generator
Enter your message, provide a secret key, select an algorithm (SHA-1, SHA-256, SHA-384 or SHA-512), and click "Generate HMAC". The resulting HMAC signature is displayed as a hex string that you can copy with one click.
What is HMAC?
HMAC (Hash-based Message Authentication Code) is a cryptographic construction that combines a hash function with a secret key to produce a message authentication code. It verifies both data integrity and authenticity. HMAC is widely used in API authentication, JWT signatures, webhook verification and secure communication protocols.
Frequently Asked Questions
What is HMAC used for?
HMAC is used for message authentication in APIs, webhook signature verification, JWT signing, and ensuring data integrity in transit.
Which algorithm should I choose?
SHA-256 is the most common and recommended for general use. SHA-1 is considered weak for security purposes. SHA-384 and SHA-512 offer higher security at the cost of longer output.
Is HMAC the same as hashing?
No. A hash function only takes a message as input, while HMAC also requires a secret key. HMAC provides authentication — only someone with the key can produce (or verify) the correct HMAC.
Is my data sent to a server?
No. All HMAC computation happens locally in your browser using the Web Crypto API. No data or keys leave your device.
More Developer Tools
JSON Formatter
Format, validate and minify JSON with syntax highlighting.
Open tool →Base64 Encode / Decode
Encode text to Base64 or decode Base64 back to text.
Open tool →UUID Generator
Generate UUID v4 identifiers, single or in bulk.
Open tool →Unix Timestamp Converter
Convert Unix timestamps to human-readable dates and back.
Open tool →URL Encode / Decode
Encode or decode URLs and query parameters.
Open tool →HTML Entity Encode / Decode
Encode special characters to HTML entities or decode them back.
Open tool →