HMAC-SHA256 Generator
Compute keyed HMAC-SHA256 / SHA-1 / SHA-512 signatures locally.
About this tool
HMAC (Hash-based Message Authentication Code) combines a secret key with a hash function to authenticate messages. It is used in JWT signatures, webhook verification (Stripe, GitHub), and API signing. The key and message never leave your browser.
FAQs
When do I use HMAC instead of a plain hash?
When you need to prove a message came from someone who knows a shared secret - webhook signatures, API request signing, JWT (HS256).
Which hash algorithm should I pick?
SHA-256 is the default for new work. SHA-1 only for compatibility with legacy systems. SHA-512 when the protocol specifies it.
How long should my key be?
At least as long as the hash output (32 bytes for HMAC-SHA256). Longer keys add no extra security beyond that; shorter keys reduce it.