What is HMAC Generator Online?
HMAC (Hash-based Message Authentication Code) combines a secret key with a hash function to produce a signature that proves both message integrity and authenticity. It is the standard mechanism used by AWS Signature V4, Stripe webhooks, GitHub webhooks, and most REST API authentication schemes. Enter your message and secret key to compute the HMAC signature instantly.
How to Use HMAC Generator Online
- Paste your message or payload into the "Message" field.
- Enter your secret key in the "Secret" field.
- Select the hash algorithm (HMAC-SHA256 is most common).
- The HMAC signature is computed instantly. Copy it for use in your API request.
Example
HMAC-SHA256 signature
Input
Message: "order_id=123" | Key: "mysecret"Output
a4b5c6d7...Frequently Asked Questions
What is the difference between a hash and an HMAC?
A hash is deterministic — anyone can compute it. An HMAC requires a secret key, so only parties who possess the key can verify the signature.
How do I verify a Stripe webhook?
Compute HMAC-SHA256 of the raw request body using your Stripe webhook secret. Compare your result to the "Stripe-Signature" header value.