Early access — use code HOOKSENSEWELCOME for 1 month free
Share feedback →

HMAC Signature Calculator

Calculate HMAC signatures for webhook verification. Supports Stripe, GitHub, Shopify, Twilio, and custom providers. All computation happens in your browser — nothing is sent to any server.

How HMAC Webhook Verification Works

When a webhook provider (like Stripe or GitHub) sends you a webhook, they sign the request body using a shared secret and include the signature in a header. Your server recalculates the signature using the same secret and compares them. If they match, the webhook is authentic.

  1. 1. Provider sends webhook with signature header
  2. 2. Your server computes HMAC of the raw body using the shared secret
  3. 3. Compare computed signature with the header value
  4. 4. If they match, the webhook is verified and safe to process

Verify Signatures Automatically

HookSense verifies HMAC signatures for Stripe, GitHub, and Shopify automatically. No code needed.

Try HookSense Free