HMAC Generator
Free online HMAC signature generator tool, SHA-1/256/512 supported
What is HMAC?
HMAC (Hash-based Message Authentication Code) is a mechanism for verifying both the integrity and authenticity of a message. It uses a cryptographic hash function (like SHA-256) combined with a secret key to produce a signature. HMAC is used in API authentication, JWT tokens, and message verification.
How to Generate an HMAC Signature
Select a hash algorithm (SHA-1, SHA-256, SHA-384, or SHA-512). Enter your secret key and the message text. The HMAC signature is generated instantly. Choose hex or Base64 output encoding.
▶What is HMAC used for?
HMAC is commonly used for API request signing (AWS Signature, GitHub webhooks), JWT token signatures, verifying message integrity, and authenticating requests in distributed systems.
▶What is the difference between HMAC and a hash?
A hash (like SHA-256) only depends on the message. HMAC requires a secret key in addition to the message, so only someone with the key can produce or verify the signature.
▶Which algorithm should I use?
SHA-256 is the recommended default. SHA-1 is deprecated for security purposes but still used in legacy systems. SHA-512 provides stronger security on 64-bit platforms.