🍋
peasy / safe
Menu
All Tools Guides 33 Glossary 45 File Formats 131 Use Cases 302 API

Categories

P pdf I image D document T text D developer C css D design V video A audio Q qr S seo S security S social M math G generator
🍋 peasytools.com
🍋 Privacy & Security

HMAC Generator

Generate keyed-hash message authentication codes

Free Browser-only No sign-up
chars words sentences lines

HMAC Options

Results

Result

About HMAC Generator

Compute HMAC (Hash-based Message Authentication Code) using a secret key. Supports SHA-256 and SHA-512 algorithms.

How It Works

Uses Web Crypto API to import your secret key, then computes HMAC using crypto.subtle.sign(). The result proves both data integrity and authenticity — only someone with the key can produce the same HMAC.

Step by Step

  1. 1 Enter the message to authenticate
  2. 2 Enter your secret key in the second input
  3. 3 Select HMAC algorithm (SHA-256 or SHA-512)
  4. 4 Click Generate to compute the HMAC
  5. 5 Copy the HMAC value

Tips

  • Use a strong, random secret key (at least 32 characters)
  • HMAC is used in API authentication, JWT signing, and webhook verification
  • Unlike plain hashing, HMAC requires a secret key to verify
  • SHA-256 HMAC is the standard for most API integrations

Frequently Asked Questions

What is the difference between a hash and HMAC?
A hash only proves integrity (data has not changed). HMAC proves both integrity AND authenticity (data came from someone with the secret key).
Where is HMAC used?
API authentication (AWS Signature V4), webhook verification (Stripe, GitHub), JWT signing (HS256), and message authentication in protocols like TLS.