What this tool does
Free UUID generator online -- generate UUID v4 random identifiers and UUID v5 deterministic identifiers for databases, APIs, and distributed systems
How UUID v4 and v5 generation works, when to use each version, and the key differences between UUID formats
This free UUID generator creates RFC 4122-compliant Universally Unique Identifiers in your browser using the Web Crypto API. UUID v4 generation uses crypto.randomUUID() in supported browsers, falling back to crypto.getRandomValues(new Uint8Array(16)) with the appropriate version (4) and variant bits set. This produces 122 bits of cryptographic randomness formatted as a 36-character string in the standard 8-4-4-4-12 hexadecimal group pattern (e.g. 550e8400-e29b-41d4-a716-446655440000). The tool supports bulk generation of 1 to 100 UUID v4 values in a single click, with optional uppercase formatting and no-hyphens compact format for use in contexts where hyphens are not permitted or waste space. All generation runs entirely in your browser -- no UUIDs are ever transmitted to a server.
UUID v5 generation uses a different algorithm: it takes a namespace UUID and a name string, concatenates their binary representations, and computes a SHA-1 hash using the Web Crypto API's subtle.digest method. The first 16 bytes of the hash are then taken, the version bits are set to 0101 (5) in the high nibble of byte 6, and the variant bits are set to 10 in the two high bits of byte 8, producing a valid UUID v5. The four standard namespaces defined in RFC 4122 are pre-loaded: DNS (for domain names), URL (for URL strings), OID (for ISO object identifiers), and X500 (for X.500 distinguished names). A custom namespace option allows you to enter any UUID as the namespace, which is useful for application-specific UUID derivation schemes where you want to scope your UUIDs independently from the standard namespaces.
The primary use cases for UUID generation span all layers of software development. In databases, UUIDs serve as primary keys that can be generated client-side without querying a sequence -- enabling offline-first applications, pre-generated IDs for optimistic inserts, and distributed insert patterns. In REST APIs, UUIDs identify resources in URL paths (/api/users/550e8400-...) and in response payloads. In microservices architectures, UUID v4 values serve as correlation IDs and request trace IDs that flow through service boundaries in distributed tracing systems. In file storage, UUIDs are used as object keys in S3-compatible storage to avoid hot-spotting. In event sourcing and CQRS systems, UUID v5 values are used to deterministically derive aggregate IDs from domain concepts, enabling any service to independently compute the same identifier for the same logical entity without coordination.
Features and formats
UUID v4 Random
Generates cryptographically random UUIDs using crypto.randomUUID() or crypto.getRandomValues() -- 122 bits of entropy per UUID.
UUID v5 Deterministic
Generates reproducible UUIDs from a namespace + name input using SHA-1 via the Web Crypto subtle.digest API.
Bulk Generation
Generate 1 to 100 UUID v4 values in a single click -- useful for seeding databases, creating test fixtures, or generating batch IDs.
DNS Namespace
Standard RFC 4122 namespace for deriving v5 UUIDs from domain names and hostnames: 6ba7b810-9dad-11d1-80b4-00c04fd430c8.
URL Namespace
Standard RFC 4122 namespace for deriving v5 UUIDs from full URL strings: 6ba7b811-9dad-11d1-80b4-00c04fd430c8.
Custom Namespace
Enter any UUID as a custom namespace to scope v5 derivations to your application, preventing collisions with standard namespaces.
Uppercase Format
Toggle to output UUIDs in uppercase hex (A-F instead of a-f) for systems that require or conventionally use uppercase GUIDs.
No-Hyphens Format
Toggle to remove the four hyphen separators, producing a compact 32-character hex string for URL segments, filenames, and CHAR(32) columns.
Per-UUID Copy
Individual copy button on each generated UUID row for quick clipboard access without selecting text manually.
Copy All
Copies all generated UUIDs as a newline-separated list for pasting into config files, seed scripts, or SQL statements.
Client-Side Only
All generation runs in your browser using the Web Crypto API -- no UUIDs are transmitted to any server or stored anywhere.
RFC 4122 Compliant
Generated UUIDs conform to RFC 4122 with correct version and variant bits set -- compatible with all UUID-aware libraries and databases.
Examples
UUID generation examples -- v4 random, v5 deterministic, bulk generation, custom namespaces, and format options
Five real-world scenarios showing UUID v4 and v5 usage patterns and when each format option is appropriate
ExcellentUUID v4 -- random identifier for a new database record
Generated UUID v4:
550e8400-e29b-41d4-a716-446655440000
Format: standard (lowercase, with hyphens)
Entropy: 122 bits of cryptographic randomness
Structure: xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx
version=4 ^ ^ variant bits
SQL usage:
INSERT INTO users (id, email) VALUES
('550e8400-e29b-41d4-a716-446655440000', 'user@example.com');
UUID v4 is the standard choice for new database records in distributed systems. The version digit (4) appears as the first character of the third group, and the variant bits constrain the first character of the fourth group to 8, 9, a, or b. Every call to the generator produces a completely different value -- there is no relationship between consecutive UUIDs.
ExcellentUUID v5 -- deterministic ID for a domain name
Namespace: DNS (6ba7b810-9dad-11d1-80b4-00c04fd430c8)
Name: example.com
Generated UUID v5:
cfbff0d1-9375-5685-bcc4-aef421a58f61
Always the same for these exact inputs.
Any system can independently reproduce this UUID
from just the namespace and name -- no central registry needed.
UUID v5 produces the same output every time for the same namespace and name inputs. This makes it useful for content-addressable systems where you want a stable identifier that can be regenerated independently by any service. The DNS namespace is the conventional choice when deriving identifiers from domain names or hostnames.
GoodUUID v4 bulk -- generating 10 unique session tokens
Count: 10, Format: no-hyphens, uppercase
A1B2C3D4E5F6748190A2B3C4D5E6F7A0
B2C3D4E5F6A7B8C9D0E1F2A3B4C5D6E7
C3D4E5F6A7B8C9D0E1F2A3B4C5D6E7F8
D4E5F6A7B8C9D0E1F2A3B4C5D6E7F8A9
...10 total
Copy All -> newline-separated list ready to paste
Bulk generation with the no-hyphens and uppercase format produces compact 32-character hex strings suitable for use as API keys, session identifiers, or file names. The Copy All button copies all 10 values as a newline-separated list for easy pasting into configuration files, seed scripts, or database migration files.
GoodUUID v5 -- stable product SKU from custom namespace
Namespace: Custom
Custom NS: a1b2c3d4-e5f6-4a7b-8c9d-0e1f2a3b4c5d (your app's root UUID)
Name: product:laptop-pro-2024
Generated UUID v5:
7f3e9a1b-2c4d-5e6f-9a0b-1c2d3e4f5a6b
Same UUID generated in:
Python: uuid.uuid5(custom_ns_uuid, 'product:laptop-pro-2024')
JavaScript: uuidV5(customNs, 'product:laptop-pro-2024')
Any system with the same namespace + name
Using a custom namespace UUID (a v4 UUID you generated once for your application) as the root scopes all derived v5 UUIDs to your application. This prevents collisions with v5 UUIDs generated by other applications using the same name strings. The product SKU name can then be deterministically converted to a UUID in any service without database lookups.
GoodUUID v4 uppercase no-hyphens -- legacy system API key format
Standard UUID v4:
f47ac10b-58cc-4372-a567-0e02b2c3d479
Uppercase, no hyphens:
F47AC10B58CC4372A5670E02B2C3D479
32 characters, hex only, no special characters
Safe for: URL path segments, filenames, CHAR(32) columns,
systems that reject hyphens in identifier fields
Some legacy APIs, databases, and storage systems require identifiers without hyphens or in uppercase hex format. The no-hyphens toggle removes the four separators to produce a 32-character string. Both formats represent exactly the same 128-bit value -- the hyphens are purely cosmetic and carry no structural information.
FAQ
Frequently asked questions about UUID generation, UUID v4 vs v5, namespaces, database primary keys, and API token usage
Common questions about how UUIDs work, which version to use, and how to generate them in JavaScript, Python, and other languages
What is a UUID and what is it used for?
A UUID (Universally Unique Identifier), also called a GUID (Globally Unique Identifier) on Windows platforms, is a 128-bit identifier standardised in RFC 4122. It is formatted as 32 hexadecimal digits in five groups separated by hyphens: 8-4-4-4-12 characters, for example 550e8400-e29b-41d4-a716-446655440000. UUIDs are designed to be globally unique without requiring a central registry or coordination between systems. They are used as primary keys in databases, identifiers for distributed system resources, session tokens in web applications, file and object identifiers in storage systems, node IDs in microservices, and unique identifiers in logging and event tracking systems.
What is the difference between UUID v4 and UUID v5?
UUID v4 is generated from cryptographically secure random data -- it produces 122 bits of randomness (the remaining 6 bits encode the version and variant), making every generated UUID effectively unique. UUID v5 is deterministic -- it takes a namespace UUID and a name string, concatenates them, and hashes the result with SHA-1. The hash output is then formatted as a UUID with the version and variant bits set. The critical difference is reproducibility: calling uuidV4() twice produces two different UUIDs, but calling uuidV5 with the same namespace and name always produces the same UUID. Use v4 when you need a unique identifier for a new resource. Use v5 when you need a stable, reproducible identifier that can be independently regenerated from known inputs.
What are UUID v5 namespaces and which one should I use?
UUID v5 namespaces are well-known UUIDs defined in RFC 4122 that scope the name space for hashing. They prevent collisions between different types of names -- the same name string in different namespaces produces different UUIDs. The four standard namespaces are: DNS (6ba7b810-...) for domain names and hostnames, URL (6ba7b811-...) for full URL strings, OID (6ba7b812-...) for ISO Object Identifiers, and X500 (6ba7b814-...) for X.500 distinguished names. For most custom applications, use the DNS namespace if your names are domain-like, or the URL namespace if your names are URL-like. If you are creating a completely custom namespace for your application, generate a random UUID v4 and use that as your custom namespace UUID.
Are UUID v4 values truly unique -- can they collide?
In practice, UUID v4 values are effectively unique for all real-world use cases. A UUID v4 contains 122 bits of cryptographic randomness. The probability of generating any two identical UUID v4 values is approximately 1 in 5.3 x 10^36 -- an incomprehensibly small number. To put it in context: to have even a 50% probability of a single collision, you would need to generate approximately 2.7 x 10^18 (2.7 quintillion) UUIDs. At a rate of 1 billion UUIDs per second, that would take about 85 years. The generation quality depends on the cryptographic random number generator -- this tool uses crypto.randomUUID() (or crypto.getRandomValues() as a fallback) which uses the operating system's cryptographically secure PRNG.
How do I generate a UUID in JavaScript or TypeScript?
In modern JavaScript and TypeScript, the simplest approach is crypto.randomUUID(), which is available in all modern browsers and Node.js 14.17+. It returns a string like '550e8400-e29b-41d4-a716-446655440000' directly. For environments where crypto.randomUUID() is not available, you can use crypto.getRandomValues(new Uint8Array(16)) to get 16 random bytes, then set the version bits (byte 6, high nibble to 4) and variant bits (byte 8, two high bits to 10 in binary), and format as a hex string. In Node.js you can also use the built-in crypto module: const { randomUUID } = require('crypto'); randomUUID(). For UUID v5, there is no native browser API -- you need to use the WebCrypto subtle.digest('SHA-1', ...) API or a library like the uuid npm package.
How do I generate a UUID in Python?
Python's standard library includes a uuid module with direct support for all UUID versions. For UUID v4 (random): import uuid; str(uuid.uuid4()) produces a lowercase hyphenated UUID string. For UUID v5 (deterministic): uuid.uuid5(uuid.NAMESPACE_DNS, 'example.com') takes a namespace constant and a name string. The built-in namespace constants are uuid.NAMESPACE_DNS, uuid.NAMESPACE_URL, uuid.NAMESPACE_OID, and uuid.NAMESPACE_X500 -- these correspond exactly to the namespaces in this tool. To remove hyphens, call str(uuid.uuid4()).replace('-', ''). To get uppercase, call str(uuid.uuid4()).upper(). UUID v4 in Python uses os.urandom() internally, which calls the operating system's cryptographically secure random source.
Should I use UUIDs as database primary keys?
UUIDs are widely used as database primary keys, particularly in distributed systems where rows are created across multiple nodes without a central auto-increment sequence. UUID v4 has excellent uniqueness properties but its random nature causes index fragmentation in B-tree indexes (like those used by PostgreSQL and MySQL) at high insert rates, because each new row inserts into a random position in the index rather than appending to the end. UUID v7 (ratified in the 2022 revision of the UUID spec) addresses this by using a sortable timestamp prefix, making new rows consistently append to the end of the index and dramatically improving write performance. UUID v7 is not yet universally supported in ORMs and database drivers, but is growing in adoption. For most applications with moderate write volumes, UUID v4 performs acceptably.
What is the No Hyphens format and when is it used?
The no-hyphens format removes the four hyphen separators from a UUID, producing a 32-character hexadecimal string like 550e8400e29b41d4a716446655440000 instead of the standard 550e8400-e29b-41d4-a716-446655440000. This compact format is used in contexts where the hyphens cause issues or waste storage space. Common use cases include: URL path segments where hyphens would be ambiguous, database storage where a CHAR(32) column or binary(16) is preferred over CHAR(36), API keys and token strings that users copy and paste, file names where hyphens are interpreted as word separators, and systems that store UUIDs as raw binary (16 bytes) but display them as hex strings. Both formats represent the same identifier -- the hyphens carry no information and are purely cosmetic formatting.
What is the difference between UUID v1, v3, v4, v5, v6, and v7?
RFC 4122 originally defined four versions. UUID v1 combines a 60-bit timestamp with the MAC address of the generating machine -- it is time-sortable but reveals the host's MAC address, a privacy concern. UUID v3 is like v5 but uses MD5 instead of SHA-1 for hashing -- v5 is preferred because SHA-1 is stronger than MD5. UUID v4 is fully random with no timestamp component. UUID v5 is deterministic SHA-1 based. UUID v6 is a reordering of v1's timestamp for better sortability. UUID v7 (introduced in the 2022 RFC revision) uses a Unix timestamp millisecond prefix followed by random bits -- it is the recommended choice for database primary keys needing time-ordered insertion. UUID v8 reserves space for custom implementations. This tool generates v4 (random) and v5 (deterministic).
Can I use UUIDs for session tokens or API keys?
UUID v4 values can be used as session tokens and API keys, and this is a common practice in many systems. They provide 122 bits of randomness, which is sufficient entropy to prevent brute-force guessing attacks. However, dedicated cryptographic token generators like crypto.getRandomValues() with 32 bytes (256 bits) of entropy are generally preferred for security-critical tokens because they provide more bits of randomness and are designed specifically for token use cases. If you do use UUIDs as session tokens, always store only a hashed version (using SHA-256 or similar) in the database, transmit them only over HTTPS, set appropriate cookie security flags (HttpOnly, Secure, SameSite), and implement expiry and rotation policies. UUID v5 should never be used for session tokens because it is deterministic -- anyone who knows the namespace and name can reproduce the token.
Related Tools
Need a disposable email address?Stop giving your real email to sites you don't trust -- get a free instant throwaway with no signup and no trace.
Get Free Temp Mail ->