HMAC Generator
Generate HMAC signatures using SHA-256, SHA-384, or SHA-512 with the Web Crypto API.
5 of 5 uses remaining today
Zenovay
Track your website performance
Real-time analytics, session replay, heatmaps, and AI insights. 2-minute setup, privacy-first.
Related Tools
Password GeneratorGenerate strong, random passwords with customizable length, characters, and complexity.
Password Strength CheckerCheck how strong your password is. Get an estimated crack time and improvement suggestions.
AES Encryption/DecryptionEncrypt and decrypt text using AES-GCM with PBKDF2 key derivation. Runs entirely in your browser.
CSP Header GeneratorGenerate Content-Security-Policy headers with a visual editor. Pick directives, use presets, and copy the result.
Frequently Asked Questions
What is HMAC?▾
HMAC (Hash-based Message Authentication Code) is a mechanism for verifying message integrity and authenticity. It combines a cryptographic hash function with a secret key to produce a signature.
What algorithms are supported?▾
This tool supports SHA-256, SHA-384, and SHA-512. SHA-256 is the most commonly used for webhook signatures. SHA-512 provides the strongest security.
Where is HMAC used?▾
HMAC is commonly used for webhook signature verification (GitHub, Stripe, Slack), API authentication, and data integrity checks.
Is my secret key safe?▾
Yes. All HMAC generation uses the Web Crypto API in your browser. Your secret key and message never leave your device.