UUID Generator

Generate universally unique identifiers instantly

Bulk
History

Generated UUIDs will appear here

This UUID Generator can create, copy, and manage unique identifiers in seconds.

This tool generates RFC-compliant UUIDs across three versions, with bulk output and a built-in history panel.

Supported formats:

  • v4 - random, cryptographically secure, ideal for most use cases

  • v1 - time-based, encodes generation timestamp

  • v5 - deterministic, SHA-1 hashed from a namespace and name input

Generate one or batch up to 100 at a time. Every UUID lands in the history list automatically, where you can copy individual entries, copy the full list to clipboard, or download them as a .txt file. The history badge tracks your count at a glance.

Key features:

  • One-click copy on the main display

  • Bulk generation with configurable count

  • Namespace and name inputs for v5 UUIDs

  • Download history as a plain text file

  • Fully accessible with ARIA live regions

No sign-in. No server. Runs entirely in the browser.

What is a UUID Generator

A UUID Generator is an online tool that produces universally unique identifiers on demand - 128-bit values formatted as hyphen-separated hexadecimal strings, following the RFC 4122 standard.

UUID is short for Universally Unique Identifier.

Each generated string follows the pattern 8-4-4-4-12, producing outputs like 550e8400-e29b-41d4-a716-446655440000.

No central registration authority assigns them. No two systems need to coordinate. The identifier is statistically guaranteed to be globally unique the moment it's created.

How Does a UUID Generator Work?

A UUID generator applies a version-specific algorithm to a set of inputs - timestamp, MAC address, namespace, or random seed - and outputs a 128-bit value in the canonical hyphenated format.

The version determines what goes into the identifier and how it's constructed.

Version 1 UUID - Timestamp and MAC Address

Version 1 combines the current timestamp with the MAC address of the generating machine.

The result is time-ordered and traceable - useful for sequential logging, but it exposes device information.

Version 4 UUID - Random Number Generation

Version 4 draws from a CSPRNG (Cryptographically Secure Pseudorandom Number Generator), making it the most widely used version.

No timestamp. No MAC address. Pure randomness - 122 bits of it.

Version 5 UUID - SHA-1 Hashing with Namespace

Version 5 takes a namespace and a name string, runs them through SHA-1 hashing, and produces a deterministic identifier.

Same inputs always produce the same UUID. Useful for consistent resource identification across systems.

What Are the UUID Formats?

Every UUID is 128 bits. How it's written depends on the system consuming it.

  • Hyphenated - 550e8400-e29b-41d4-a716-446655440000 - the RFC 4122 standard form

  • Compact - 550e8400e29b41d4a716446655440000 - no hyphens, common in URLs and databases

  • Uppercase - 550E8400-E29B-41D4-A716-446655440000 - used in some Windows and .NET contexts

  • URN notation - urn:uuid:550e8400-e29b-41d4-a716-446655440000 - for URN-based resource naming

  • GUID format - {550e8400-e29b-41d4-a716-446655440000} - Microsoft's brace-wrapped convention

Hyphenated UUID Format (Standard)

The canonical form defined by RFC 4122. Five groups, four hyphens, 36 characters total.

Used by default in PostgreSQL, REST APIs, and most back-end development frameworks.

Compact UUID Format (No Hyphens)

Strips the hyphens, leaving 32 hexadecimal characters.

Preferred in URL slugs, hash maps, and storage systems where the hyphen has no semantic value.

GUID Format (Microsoft Windows)

Microsoft's implementation wraps the identifier in curly braces. Structurally identical to a UUID.

Found in Windows Registry entries, COM interfaces, and Active Directory object identifiers.

URN UUID Format

Prefixes the identifier with urn:uuid:, conforming to the Uniform Resource Name specification.

Used in XML namespaces, SAML tokens, and systems that require URI-based resource identification.

What is the Difference Between UUID and GUID?

UUID and GUID are the same 128-bit identifier format. The difference is terminological, not structural.

UUID follows RFC 4122, the open internet standard. GUID is Microsoft's term for its own implementation, used in Windows, COM, SQL Server, and Active Directory.

Both are interoperable. A UUID generated by a Linux system is structurally valid as a GUID in a Windows application - and vice versa.

How to Use a UUID in a Database

UUIDs replace auto-incremented integers as primary keys, enabling safe record merging across distributed database nodes, replicated tables, and microservices architecture environments.

Auto-increment integers break when two database nodes generate rows independently. UUIDs don't.

UUID as a Primary Key in PostgreSQL

PostgreSQL has a native UUID data type and a built-in gen_random_uuid() function (PostgreSQL 13+).

Indexing UUIDs with a B-tree index works out of the box; for write-heavy tables, a uuid-ossp extension or ULID variant reduces index fragmentation.

UUID as a Primary Key in MySQL

MySQL stores UUIDs as CHAR(36) or, more efficiently, as BINARY(16) after stripping hyphens.

The UUID() function generates version 1 identifiers; version 4 requires application-level generation via the language's standard library.

UUID Indexing Performance Considerations

Random UUID values (v4) cause index fragmentation in B-tree structures because new rows insert at unpredictable positions.

Solutions include ordered UUID variants (ULIDv7, UUID v7), storing as BINARY(16), or partitioning by UUID prefix - each a recognized software scalability trade-off in high-write systems.

How to Generate a UUID in Programming Languages

Every major language ships with UUID generation built in or available through a standard package - no external service required.

How to Generate a UUID in Python

Python's built-in uuid module handles all versions. uuid.uuid4() returns a random version 4 UUID; uuid.uuid1() returns a timestamp-based version 1.

No pip install needed. Part of the standard library since Python 2.5.

How to Generate a UUID in JavaScript (Node.js)

Node.js uses the crypto module (crypto.randomUUID()) natively from v14.17+, or the uuid npm package for broader version support.

Browser environments can call self.crypto.randomUUID() directly - no Node.js dependency required.

How to Generate a UUID in Java

java.util.UUID.randomUUID() generates a version 4 identifier. Available in every JDK without additional dependencies.

For version 5, use a third-party library such as com.fasterxml.uuid (Java UUID Generator).

How to Generate a UUID in PHP

PHP's ramsey/uuid Composer package covers all RFC 4122 versions. For v4 only, \Ramsey\Uuid\Uuid::uuid4()->toString() is sufficient.

Older codebases often use sprintf() with mt_rand() - not cryptographically secure; avoid for authentication tokens or session IDs.

How to Generate a UUID in Go

Go's github.com/google/uuid package is the standard. uuid.New() returns a version 4 UUID; uuid.NewSHA1() generates version 5.

Lightweight, no CGO dependency, safe for concurrent use.

What Are the Use Cases for UUID?

UUIDs solve one problem precisely: generating a globally unique identifier without coordination between systems.

That makes them the default choice in distributed architectures, RESTful API design, and any system where multiple nodes create records independently.

UUID in REST API Design

UUIDs serve as resource identifiers in API endpoints - /users/550e8400-e29b-41d4-a716-446655440000 instead of /users/42.

Non-sequential. Non-guessable. No information leaked about record count or creation order - a baseline requirement for token-based authentication and public-facing APIs.

UUID in Session Management and Authentication

Session tokens, password reset links, and email verification tokens are all valid UUID use cases - provided version 4 is used.

Version 1 exposes MAC address and timestamp data; never use it for security-sensitive identifiers.

UUID in Distributed Systems and Microservices

In a microservices environment, services create records independently across nodes. UUIDs ensure no collision without a central ID authority.

Paired with containerization, each container instance generates its own identifiers - no locking, no coordination overhead.

UUID in Event Tracking and Analytics

Event pipelines assign a UUID to each user action at the point of capture, before the event reaches any aggregation layer.

This enables idempotent processing - if the same event arrives twice, the duplicate UUID flags it for deduplication rather than double-counting.

Is a UUID Truly Unique?

A version 4 UUID has 2¹²² possible values - roughly 5.3 × 10³⁶ combinations.

The probability of generating two identical UUIDs across 1 billion generations per second for 100 years is statistically negligible. Collision is theoretically possible; practically, it's irrelevant.

RFC 4122 does not guarantee cryptographic uniqueness. It guarantees statistical uniqueness sufficient for distributed identifier generation without a central authority - which covers every real-world production use case.

UUID Security Considerations

Version and use case determine whether a UUID is secure. The format alone guarantees nothing.

Version 1 UUIDs encode the generating machine's MAC address and an accurate timestamp. Both are recoverable by an attacker with access to enough samples - making v1 unsuitable for session tokens, password reset links, or any public-facing identifier.

Version 4 UUIDs, generated by a CSPRNG, carry no extractable metadata. They're the correct choice for mobile app security implementations, authentication flows, and any context where the identifier must not leak system information.

Version 5 is deterministic - same input always produces the same output. Never use it as a security token; predictability is by design, not a bug.

A few practical rules:

  • Store UUIDs server-side; never expose v1 identifiers in client-facing responses

  • Use BINARY(16) storage in MySQL to avoid exposing the raw hexadecimal string in query logs

  • Rotate session UUIDs on privilege escalation - a UUID is not a substitute for proper session lifecycle management

  • Apply API rate limiting to any endpoint that accepts UUID input; enumeration attacks are still possible against poorly validated endpoints