Creates cryptographically secure HMAC-SHA256 hashes for message authentication and integrity verification. Access via MCP in Cursor or Windsurf, or call GET /v1/hash/hmac-sha256 directly. Pass your message and secret key to get a deterministic 64-character hex digest. Essential for API signatures, JWT tokens, and secure data validation workflows.
curl "https://tinyfn.io/v1/hash/hmac-sha256" \
-H "X-API-Key: YOUR_API_KEY"const response = await fetch('https://tinyfn.io/v1/hash/hmac-sha256', {
headers: { 'X-API-Key': 'YOUR_API_KEY' }
});
const data = await response.json();
console.log(data);import requests
response = requests.get('https://tinyfn.io/v1/hash/hmac-sha256',
headers={'X-API-Key': 'YOUR_API_KEY'})
data = response.json()
print(data)Connect your AI agent (Claude, Cursor, Windsurf, etc.) to TinyFn's hash tools:
{
"mcpServers": {
"tinyfn-hash": {
"url": "https://tinyfn.io/mcp/hash",
"headers": {
"X-API-Key": "YOUR_API_KEY"
}
}
}
}Provide both message and secret key parameters. The tool combines them cryptographically to produce a 64-character hexadecimal hash that verifies both authenticity and integrity.
HMAC-SHA256 requires a secret key and provides message authentication, while SHA256 only provides integrity checking. HMAC proves the message came from someone who knows the secret.
Yes, AI agents in Cursor or Claude Code can generate HMAC signatures for AWS, webhook verification, or custom API authentication by passing request data and your secret key.
Yes, HMAC-SHA256 always produces exactly 64 hexadecimal characters (256 bits), regardless of input message length. This makes it predictable for storage and validation.
The hash will be completely different. HMAC-SHA256 is deterministic but highly sensitive to key changes - even one character difference produces an entirely unrelated output.