Encrypt Online
Privacy All tools run entirely in your browser.

HMAC Generator

Create HMAC-SHA256 or HMAC-SHA512 signatures

Safety note: Avoid pasting production secrets. HMAC generation runs locally in your browser and is never sent to a server.
Input + outputEnter a secret key and message to generate the signature
What Is an HMAC?

HMAC (Hash-based Message Authentication Code) combines a secret key with a hash function to create a signature. It verifies that a message has not been altered and that it comes from someone who knows the shared secret.

How to Generate an HMAC
  1. Enter the secret key and the message you want to sign.
  2. Select HMAC-SHA256 or HMAC-SHA512.
  3. Click Generate HMAC to create the signature.
  4. Copy the output for use in your API or verification flow.
Example

Use HMACs to sign API requests, webhooks, or callback payloads. The output is a deterministic hex string based on the key and message.

FAQ

Is HMAC encryption? No. HMACs provide integrity and authentication, not confidentiality.

Which algorithm should I use? Prefer HMAC-SHA256 unless a system requires SHA-512.

Do you store my key? No. Everything runs locally in your browser.