Generates cryptographically secure random bytes using system entropy sources. Call via MCP in Cursor/Claude Code or REST at GET /v1/crypto/random-bytes with byte count parameter. Returns base64-encoded random data suitable for keys, tokens, salts, and nonces. Uses platform-native secure random generators (urandom, CryptGenRandom).
curl "https://tinyfn.io/v1/crypto/random-bytes" \
-H "X-API-Key: YOUR_API_KEY"const response = await fetch('https://tinyfn.io/v1/crypto/random-bytes', {
headers: { 'X-API-Key': 'YOUR_API_KEY' }
});
const data = await response.json();
console.log(data);import requests
response = requests.get('https://tinyfn.io/v1/crypto/random-bytes',
headers={'X-API-Key': 'YOUR_API_KEY'})
data = response.json()
print(data)Connect your AI agent (Claude, Cursor, Windsurf, etc.) to TinyFn's cryptography tools:
{
"mcpServers": {
"tinyfn-crypto": {
"url": "https://tinyfn.io/mcp/crypto",
"headers": {
"X-API-Key": "YOUR_API_KEY"
}
}
}
}Call GET /v1/crypto/random-bytes?count=32 or use the MCP tool with count=32. Returns base64-encoded output like 'x7K9mP3qR8vL2nM...' representing 32 secure random bytes.
This uses cryptographically secure entropy sources while Math.random() is pseudorandom and predictable. Never use Math.random() for passwords, tokens, or any security-sensitive values.
Yes, MCP-enabled agents in Cursor or Windsurf can call this tool to generate unpredictable tokens. Specify sufficient entropy (16+ bytes for session IDs, 32+ for API keys).
The API accepts reasonable limits (typically up to 1024 bytes per request) to prevent abuse. For larger needs, make multiple calls or consider if you actually need that much entropy.
Raw bytes aren't JSON-safe or readable. Base64 encoding ensures the random data survives HTTP transport and can be easily decoded in any programming language.
Get your free API key and start using Random Bytes in seconds.
Get Free API Key