HMAC (Keyed-Hash Message Authentication Code) is a type of message authentication code (MAC) that involves a cryptographic hash function in combination with a secret key. It is used to verify both the integrity and authenticity of a message.
HMAC is constructed using a cryptographic hash function (such as MD5, SHA-1, or SHA-256) and a secret key. The key is first hashed with the message using the hash function, and then the result is hashed again with the key. This double hashing process makes it computationally infeasible for an attacker to forge the HMAC without knowing the secret key.