HMAC Generator


Private by design. This tool runs 100% in your browser using the Web Crypto API. Your message and secret key are never uploaded to any server, and the key is never placed in the shareable URL.


What is HMAC?

HMAC stands for Hash-based Message Authentication Code. It is a way to attach a tamper-evident, cryptographic "signature" to a message using a secret key shared between two parties. Given a message and a key, HMAC produces a fixed-length code; anyone who holds the same key can recompute that code and confirm two things at once: that the message was not modified in transit (integrity), and that it was produced by someone who knows the secret (authenticity).

HMAC is built on top of an ordinary cryptographic hash function such as SHA-256. Conceptually it computes H((key ⊕ opad) ‖ H((key ⊕ ipad) ‖ message)) — the message and key are mixed through the hash twice using two distinct padding constants. This nested construction, defined in RFC 2104 and standardized in FIPS 198-1, is what gives HMAC its security properties even when the underlying hash has minor weaknesses.

HMAC vs. a Plain Hash

It is tempting to think a plain SHA-256 hash already protects a message, but a hash alone only proves integrity, not authenticity. Because a hash function is public and keyless, anyone can recompute SHA-256(message). An attacker who alters the message can simply recompute a fresh, valid-looking hash. There is no secret involved, so the hash proves nothing about who created it.

HMAC fixes this by folding a secret key into the computation. Only parties holding the key can generate a code that verifies correctly, so a forged message will not produce a matching HMAC. HMAC also resists length-extension attacks that plague naïve homemade schemes like hash(secret ‖ message), where an attacker can append data and recompute a valid digest without knowing the secret. Its double-hashing structure closes that hole.

Common Uses

How to Use This Tool

  1. Type or paste the message you want to sign into the message box.
  2. Enter your secret key in the key field. Both are treated as UTF-8 text.
  3. Pick the algorithm — SHA-256 is the default and the best choice for most cases.
  4. The HMAC is computed live as you type and shown as lowercase hex and as Base64. Click Copy next to either to copy it.

Everything is computed locally with crypto.subtle.importKey and crypto.subtle.sign from the Web Crypto API. Nothing is sent to a server.

Privacy

HMAC keys are secrets — pasting them into a random online tool (or an AI chatbot) can leak credentials that protect your webhooks and APIs. This generator is designed to never do that. The message and key live only in your browser's memory for the moment of computation. To keep links shareable without leaking secrets, the page stores only the message and algorithm in the URL; the secret key is deliberately excluded and is left blank when you open a shared link.

Frequently Asked Questions

What is an HMAC?

HMAC (Hash-based Message Authentication Code) is a construction that combines a cryptographic hash function with a secret key to produce a keyed digest. It proves both the integrity of a message (it was not altered) and its authenticity (it was produced by someone who knows the secret key). HMAC is defined in RFC 2104 and standardized in FIPS 198-1.

How is HMAC different from a plain hash?

A plain hash like SHA-256 takes only a message and anyone can recompute it, so it proves integrity but not authenticity. HMAC mixes in a secret key, so only parties who know the key can produce or verify the correct code. This also defends against length-extension attacks that affect naive hash(secret + message) schemes.

What is HMAC used for?

HMAC is used to sign webhook payloads (Stripe, GitHub, Slack), to authenticate API requests (AWS Signature v4), to sign JSON Web Tokens with the HS256/HS384/HS512 algorithms, to derive keys (HKDF), and to verify message integrity in TLS and IPsec. The receiver recomputes the HMAC with the shared key and compares it to the one sent.

Is my secret key sent to a server by this tool?

No. This HMAC generator runs entirely in your browser using the Web Crypto API. The message, the secret key, and the resulting code are computed locally in JavaScript and are never uploaded anywhere. Only the message and chosen algorithm are stored in the shareable URL — the secret key is deliberately never put in the URL.

Which hash algorithm should I use for HMAC?

HMAC-SHA256 is the modern default and is recommended for most uses. HMAC-SHA384 and HMAC-SHA512 offer a larger output for extra margin. HMAC-SHA1 is still cryptographically usable for authentication (HMAC is not broken by SHA-1 collisions), but it is deprecated for new designs because SHA-1 itself is weak. Use SHA-256 or stronger unless a system requires SHA-1.

Should I compare HMACs with a normal string comparison?

No. When verifying an HMAC on a server, use a constant-time comparison (for example crypto.timingSafeEqual in Node.js, hmac.compare_digest in Python, or hash_equals in PHP). A normal byte-by-byte comparison that returns early can leak the correct signature through timing differences, enabling a timing attack.