Key-based message authentication code (HMAC-SHA)
HMAC combines a secret key with a hash function to verify both the integrity and authenticity of a message at the same time. It is commonly used in the form of HMAC-SHA256.
Anyone without the key cannot produce a valid HMAC, so it is widely used for signing API requests, verifying webhooks, and signing tokens (JWT). In this tool, turning on the HMAC option and entering a key switches the SHA family into HMAC mode.