HMAC Generator

Generate HMAC with SHA-1/256/384/512 using Web Crypto API

100% In-BrowserNo Server UploadFree, No Signup

Cryptography

Message

HMAC Output

How to Use

Set algorithm and secret key
Choose the HMAC algorithm (SHA-1/256/384/512) in the toolbar and enter a secret key.
Enter message
Type the message text in the input area.
View result
Click "Convert" to compute the HMAC and display the result in HEX or Base64 format.

HMAC Generator Examples

HMAC-SHA-256 (key=secret)

Input

hello

Output

HEX: 88aab3ede8d3adf94d26ab90d3bafd4a2083070c3bcce9c014ee04a443847c0b
Base64: iKqz7ejTrflNJquQ07r9SiCDBww7zOnAFO4EpEOEfAs=

Set the secret key to "secret" and select SHA-256.

HMAC-SHA-512 (key=mykey)

Input

test message

Output

HEX: (64-byte HEX value)
Base64: (Base64 encoded value)

SHA-512 produces a longer HMAC value.

Features

HMAC-SHA-1, SHA-256, SHA-384, SHA-512 support
HEX and Base64 output formats
Fast and secure via Web Crypto API
Ideal for verifying API webhook signatures
Local processing (your input is not sent to servers)
Mobile-friendly responsive design
Dark mode support

FAQ

What is HMAC?

HMAC (Hash-based Message Authentication Code) combines a hash function with a secret key to provide message authentication and integrity. It is widely used for API signature verification and tamper detection.

What is the difference between a hash and HMAC?

A hash function (e.g. SHA-256) generates a hash from the input alone, while HMAC uses both the input and a secret key. A third party without the secret key cannot reproduce the HMAC, making it suitable for authentication.

Is my data sent to a server?

No. All HMAC computation happens locally in your browser using the Web Crypto API. No data is ever transmitted externally.