English
Developer Tools

HMAC Generator

Generate an HMAC from a message and secret key with SHA-1, SHA-256, SHA-384 or SHA-512.

How to use it

  1. Enter your message The data to authenticate.
  2. Enter the secret key The shared key for the HMAC.
  3. Choose an algorithm SHA-1 through SHA-512.

Examples

SHA-256 64 hex chars
key + message signed

About this tool

An HMAC combines a message with a secret key to produce a signature that both proves integrity and authenticates the sender — the mechanism behind signed API requests and webhooks. This generator computes one from your message and key using the SHA family.

It runs entirely in your browser through the native Web Crypto API, so your secret key and message stay private. Pick the algorithm your service expects and copy the resulting hex digest. Everything is computed locally.

Frequently asked questions

What is an HMAC?

A hash-based message authentication code proves a message hasn't been tampered with and comes from someone who knows the secret key. It's used to sign API requests and webhooks.

Is my key sent anywhere?

No. The HMAC is computed entirely in your browser with the Web Crypto API, so the message and key never leave your device.

Related tools

Hash Generator Generate SHA-1, SHA-256, SHA-384 and SHA-512 hashes of any text, computed locally in your browser. JWT Decoder Paste a JWT to read its decoded header and payload, with issued-at and expiry times. Number Base Converter Enter a value and its base to see it in binary, octal, decimal and hexadecimal at once. Color Converter Enter a colour as HEX, RGB or HSL and see the other formats update instantly, with a live swatch. JSON Formatter & Validator Paste JSON to pretty-print it with indentation, minify it to one line, or check that it's valid. Unix Timestamp Converter Convert between Unix epoch seconds and readable dates, in both directions, with UTC and ISO output.

Updated June 15, 2026