verified_user
HMAC-SHA256
Create HMAC-SHA256 message authentication codes. Combines a secret key with SHA-256 for secure message authentication.
HMAC Generator
Keyed-Hash Message Authentication Code
0 characters0 bytes
verified_user
Enter a secret key and message, then click Compute
HMAC Properties
key
Key RequirementAny length, but 256+ bits recommended
output
Output Size256 bits (32 bytes)
shield
SecurityCryptographically secure authentication
About HMAC-SHA256
HMAC (Hash-based Message Authentication Code) combines a cryptographic hash function with a secret key to provide both data integrity and authentication. HMAC-SHA256 is widely used in API authentication, JWT signatures, and secure communication protocols.
- Provides authentication that the message has not been altered
- Used in OAuth 2.0, JWT, and many API authentication schemes
- Resistant to length extension attacks (unlike plain SHA-256)
- Key should be kept secret and be at least 256 bits for security
- Same key and message always produce the same HMAC