handyman
Hazuu Tools

Token Generator

Generate secure tokens, API keys, UUIDs, passwords, and Nano IDs using cryptographic randomness — entirely in your browser.

token

Click "Generate" to create tokens
info

About Token Generator

Token Generator creates cryptographically secure random strings in six formats: Random String, Hex Token, UUID v4, API Key, Password, and Nano ID. Each format is purpose-built — UUID v4 follows the RFC 4122 standard for database primary keys, Hex tokens output pure hexadecimal characters used in authentication headers, Nano IDs produce URL-safe compact identifiers, and API keys use an alphanumeric character set common in third-party integrations.

You can generate up to 50 tokens in one click, configure token length from 8 to 128 characters, choose which character sets to include (uppercase, lowercase, digits, symbols), and attach a custom prefix or suffix to every result. The prefix field is especially practical for service-scoped keys: type "sk-" to produce strings like OpenAI-style secret keys, or "ghp_" to match the shape of GitHub personal access tokens.

All generation runs entirely in your browser using the Web Crypto API (crypto.getRandomValues), which provides cryptographically strong entropy — the same source used by professional security libraries. No token is ever transmitted to a server, stored, or logged. The tool is completely free with no account required, making it safe for generating production secrets, CSRF tokens, and database IDs even in sensitive environments.

star

Key Features

check_circle

Six distinct token formats

Switch between Random String, Hex Token, UUID v4, API Key, Password, and Nano ID from a single dropdown. Each format uses the correct character alphabet and length defaults for its intended purpose.

check_circle

Web Crypto API entropy

Every token is built with crypto.getRandomValues, which draws from the operating system's cryptographically strong random number generator — not Math.random() or any seeded algorithm.

check_circle

Bulk generation up to 50 tokens

Set the count slider to generate a batch in one click. Copy all results to the clipboard at once, or copy individual tokens line by line as you use them.

check_circle

Configurable prefix and suffix

Add a fixed string before and after every generated token. Useful for service-specific key formats such as "sk-", "Bearer ", or a project namespace suffix.

check_circle

Adjustable length and character sets

For Random String and Password types, choose any length from 8 to 128 and toggle uppercase, lowercase, digits, and symbols independently to match the exact requirements of the target system.

check_circle

Fully offline, zero data exposure

Nothing leaves the browser tab. There are no API calls, no logging, and no third-party scripts involved in generation, so you can safely create production credentials without network access.

help

How to Use

01

Select Token Type

Choose the format you need from the dropdown: Random String, Hex Token, UUID v4, API Key, Password, or Nano ID.

02

Configure Options

Adjust the length, character sets, optional prefix/suffix, and how many tokens to generate at once.

03

Generate & Copy

Click "Generate" to create your tokens, then copy individual tokens or all of them at once.

code_blocks

Example

Generating 3 UUID v4 tokens with no prefix or suffix. Each output is a standard 36-character identifier in the xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx format, ready to use as a database primary key.

Settings
Type: UUID v4
Count: 3
Length: 36 (fixed)
Prefix: (none)
Suffix: (none)
Generated tokens
a3f8c2d1-7b45-4e9f-8c0a-1d2e3f4a5b6c
91e5d4c3-2a67-4f80-b1c2-3d4e5f6a7b8c
5c7b9a0e-1f23-4d56-e789-0a1b2c3d4e5f
lightbulb

Common Use Cases

  • arrow_circle_right

    API key provisioning for developer tools

    When building a SaaS product or internal service, generate a batch of pre-formatted API keys before your key-issuance backend is built. The prefix field lets you match your own key schema (e.g., "myapp_live_") so placeholders look identical to real keys.

  • arrow_circle_right

    Database primary key seeding

    UUID v4 tokens are the standard choice for distributed system primary keys because they do not require a central counter. Generate a set during schema design or data migration to populate test rows without collisions.

  • arrow_circle_right

    CSRF and session token generation

    Web frameworks require per-session random strings for CSRF protection and session identifiers. Use the Hex Token format at 64 characters — the format most web security libraries expect — to generate values you can hard-code in test fixtures or seed files.

  • arrow_circle_right

    Nano IDs for URL slugs and short links

    Nano ID produces compact, URL-safe identifiers (A-Za-z0-9_-) that are shorter than UUIDs. Use them to create unique short-link slugs, shareable resource IDs, or invite codes that do not expose sequential integers.

  • arrow_circle_right

    Seeding environment variables during local setup

    New project contributors need secure values for JWT_SECRET, ENCRYPTION_KEY, and similar environment variables before the app runs locally. Generate several tokens at once, copy all, and paste directly into a .env.local file.

quiz

Frequently Asked Questions

What is a Token Generator? expand_more
A Token Generator is a tool that creates random strings of characters used for authentication, authorization, unique identifiers, and security purposes. It produces cryptographically secure values suitable for API keys, session tokens, passwords, and more.
Are the generated tokens secure? expand_more
Yes. This tool uses the Web Crypto API (crypto.getRandomValues) which provides cryptographically strong random values. All generation happens entirely in your browser — no tokens are transmitted to any server.
What is the difference between UUID, Nano ID, and Hex tokens? expand_more
UUID v4 is a 128-bit identifier in a standardized format (e.g., 550e8400-e29b-41d4-a716-446655440000) widely used in databases. Nano ID is a URL-safe, compact alternative (A-Za-z0-9_-) ideal for short unique IDs. Hex tokens use only hexadecimal characters (0-9a-f) and are common in authentication systems and cryptographic contexts.
Can I use these tokens in production? expand_more
Absolutely. The tokens generated here use the same cryptographic primitives (Web Crypto API) used by professional security libraries. They are suitable for API keys, session tokens, database IDs, CSRF tokens, and any other production use case requiring secure random values.
How is this different from the Random Password Generator? expand_more
The Random Password Generator is focused on human-memorable passwords with readability rules — avoiding ambiguous characters, producing pronounceable words, or meeting specific site password policies. This Token Generator is focused on machine-readable secrets: it supports UUID v4, Hex, Nano ID, and API Key formats that passwords do not need, and lets you add a prefix/suffix for service-specific key schemas. Use the password tool when a person must type or remember the result; use this tool when the value is consumed by software.
What length should I use for an API key? expand_more
Most API key formats use 32 to 64 characters of alphanumeric entropy, which provides 192 to 384 bits of randomness — far more than enough for any practical security requirement. The default API Key format in this tool uses 40 characters (uppercase, lowercase, and digits), matching the length of GitHub personal access tokens and similar services.
Can I generate multiple tokens at once? expand_more
Yes. Use the Count slider or input field to generate up to 50 tokens in a single click. You can then copy all of them to the clipboard as a newline-separated list, or copy individual tokens one at a time from the results list.
Does the prefix or suffix affect the randomness of the token? expand_more
No. The prefix and suffix are fixed strings appended around the randomly generated core. The random portion is always the full configured length, so a prefix of "sk-" and a 40-character API Key produces "sk-" plus 40 random characters — the entropy is unchanged.