HMAC Generator
HMAC Output
How to use this HMAC generator
- Type your secret key and choose a hash algorithm (SHA-256 is the most common default).
- Type the message you want to sign.
- The HMAC output updates automatically — copy it to verify or send alongside your message.
What is HMAC used for?
HMAC combines a secret key with a message to produce a signature that proves both the message's integrity and that it came from someone who knows the key — common in API authentication and webhook verification.
Is HMAC the same as encryption?
No. HMAC only proves authenticity and integrity — it doesn't hide the message content. Use AES encryption separately if you need confidentiality.
Which algorithm should I choose?
HMAC-SHA256 is the standard choice for most APIs and webhooks (used by Stripe, GitHub, and many others). Use SHA-512 only if a specific system requires it.