HMAC Generator
Generate HMAC signatures using SHA-256, SHA-512, SHA-1, or MD5. Enter your message and secret key to produce a cryptographic hash.
DevForge is free and ad-supported. Buy me a coffee if it saved you time.
How to Use This Tool
Enter your message and secret key, choose a hashing algorithm, and click Generate. The output is a hex-encoded HMAC signature. SHA-256 is recommended for most use cases.
Common Use Cases
- Verify webhook payloads from third-party services (GitHub, Stripe)
- Generate API request signatures for authentication
- Validate message integrity in communication protocols
Frequently Asked Questions
What is HMAC?
HMAC (Hash-based Message Authentication Code) combines a cryptographic hash function with a secret key to produce a signature that proves both the integrity and authenticity of a message.
Which algorithms are supported?
SHA-256, SHA-512, SHA-1, and MD5 (via SHA-1 fallback). SHA-256 is recommended for most use cases — it offers a good balance of security and performance.
Is my data sent to a server?
No. HMAC computation uses the browser's native Web Crypto API. Your message and secret key never leave your machine.