FK FormatKit Tools
Developer Tools

HMAC Generator

Generate an HMAC signature with SHA-256, SHA-384 or SHA-512 using the Web Crypto API.

Message

HMAC signature

Related tools

Keep the workflow moving

What this tool does

HMAC signatures combine a message with a secret key. They are commonly used to verify webhook payloads and protect request integrity.

How to use it well

Start with a small sample, check the output, then paste the full text when the result looks right. For important production data, review the output before saving or sharing it.

Common uses

  • Test webhook signatures
  • Check API examples
  • Compare backend HMAC output
Guide

HMAC Signatures Explained for API and Webhook Testing

Understand how a message, secret and hash algorithm combine to create a verifiable signature.

Read guide

Questions

Is the secret sent to the server?

No. The signature is generated in your browser with the Web Crypto API.

Should I use a production secret here?

For sensitive systems, use a temporary test secret and generate production signatures inside your trusted application environment.