MACs hash-wasm mac

HMAC Generator - Message Authentication Code

Generate HMAC signatures with any hash function - the standard for API authentication and message integrity.

What Is HMAC?

HMAC (Hash-based Message Authentication Code) is a standard construction for creating message authentication codes with a cryptographic hash function and a secret key, providing both data integrity and authenticity verification.

Specifications

Output Size Variable

Standard FIPS 198-1

Standard Year 2008

Origin RFC 2104 (HMAC)

Origin Year 1997

Use Cases

API request signing and authentication
JWT (JSON Web Token) signatures
Webhook payload verification
TLS/SSL session authentication
Software update integrity checks

!

Security Notice

HMAC is a keyed message authentication tool. Keep keys secret, use protocol-appropriate key sizes, and do not treat the output as encryption.

Implementation Notes

Practical usage details for this browser-based HMAC tool.

How to Generate a HMAC authentication code

Choose UTF-8, Hex, Base64 input mode.
Enter the text or encoded bytes you want to process.
Adjust the HMAC options if your use case requires non-default settings.
Click Generate HMAC Authentication Code and copy the result.

Example Input

Sample input:

abc

Use this sample input, then copy the generated authentication code from the result panel.

When Not to Use HMAC

Do not use a plain hash or derivation output directly as password storage without the right password-hashing construction and parameters.
Do not use it as an encryption algorithm.

Recommended Alternatives

Review related tools when you need a different output size, security margin, or keyed construction.

Frequently Asked Questions

Which hash function should I use with HMAC?

Should the HMAC key be the same length as the hash output?

When should I use HMAC versus a simple hash with secret prefix?