DevTools
Language

HMAC Generator

DevTools HMAC Generator computes keyed message authentication codes locally in your browser—for webhook signature debugging, API signing, and integrity checks.

HMAC Generator

Generate HMAC digests with a secret key—useful for webhook signatures and API auth debugging.

About this tool

HMAC combines a hash with a secret key—only key holders produce matching signatures. Common in payment notifications, platform callbacks, and private APIs.

How to use

  1. Enter the message content.
  2. Enter the shared secret key.
  3. Select the HMAC algorithm and generate the signature.

FAQ

How is HMAC different from a plain hash?

Plain hashes are public; HMAC requires a secret key, so you can verify the message came from a trusted party and was not tampered with.

Why does verification fail?

Common causes: body reformatting, different newlines, encoding mismatch, or comparing hex to Base64.

Is my secret key uploaded?

No. HMAC is computed locally in your browser.

Which algorithms are supported?

Common options include HMAC-SHA256 and related SHA variants available in the tool UI.

Related tools