Home / Algorithms / HMAC

HMAC combines a secret key with a hash function to verify both the integrity and authenticity of a message at the same time. It is commonly used in the form of HMAC-SHA256.

Anyone without the key cannot produce a valid HMAC, so it is widely used for signing API requests, verifying webhooks, and signing tokens (JWT). In this tool, turning on the HMAC option and entering a key switches the SHA family into HMAC mode.

Type
Message authentication (MAC)
Bits
Variable
Output length
Variable
Example · hash of "hello" (key "key" · HMAC-SHA256)
9307b3b915efb5171ff14d8cb55fbcc798c6c0ef1456d66ded1a6aa723a58b7b

When to use it

Hash with this algorithm