Free HMAC Generator (SHA-256 / SHA-512)
Compute an HMAC signature from a message and secret key · SHA-256/384/512, hex or Base64 output, all in your browser via Web Crypto.
Frequently asked
What is HMAC used for?
Authenticating that a message came from someone holding the shared secret · most commonly webhook signatures (Stripe, GitHub, Slack) and signed API requests. The receiver recomputes the HMAC and compares.
Can I verify a Stripe or GitHub webhook signature here?
Yes · paste the raw payload as the message and your webhook secret as the key, choose SHA-256, and compare the output to the signature header (v1= for Stripe, sha256= for GitHub).
Run a full security scan →