Encoding
Base64, hex, URL encoding, hashing, HMAC, encryption, digital signatures, and certificate parsing nodes.
Encoding nodes handle data encoding, hashing, encryption, and cryptographic operations. They cover the full range of encoding tasks — from Base64 and URL encoding to SHA-256 hashing, HMAC signing, symmetric encryption, and X.509 certificate parsing.
All Encoding nodes are pure (blue header, no execution pins).
Base64 Encode
Encode a string to Base64.
| Pin | Direction | Type | Description |
|---|---|---|---|
| Value | Input | String | The string to encode |
| Result | Output | String | Base64-encoded string |
Pure. Use Base64 Encode to prepare data for APIs that expect Base64 input — embedding content in JSON, building authentication headers.
Base64 Decode
Decode a Base64 string back to plain text.
| Pin | Direction | Type | Description |
|---|---|---|---|
| Value | Input | String | The Base64 string to decode |
| Result | Output | String | Decoded string |
Pure. Use Base64 Decode to extract data from Base64-encoded API responses or email attachments.
URL Encode
Percent-encode a string for safe use in URLs.
| Pin | Direction | Type | Description |
|---|---|---|---|
| Value | Input | String | The string to encode |
| Result | Output | String | Percent-encoded string |
Pure. Use URL Encode to safely embed query parameter values, especially those containing special characters.
URL Decode
Decode a percent-encoded string.
| Pin | Direction | Type | Description |
|---|---|---|---|
| Value | Input | String | The percent-encoded string |
| Result | Output | String | Decoded string |
Pure. Use URL Decode to extract values from encoded URL parameters or form data.
HTML Encode
Encode special characters as HTML entities.
| Pin | Direction | Type | Description |
|---|---|---|---|
| Value | Input | String | The string to encode |
| Result | Output | String | HTML-encoded string |
Pure. Use HTML Encode to sanitize text before embedding in HTML — preventing XSS when building email bodies or web content.
HTML Decode
Decode HTML entities back to characters.
| Pin | Direction | Type | Description |
|---|---|---|---|
| Value | Input | String | The HTML-encoded string |
| Result | Output | String | Decoded string |
Pure. Use HTML Decode to extract readable text from HTML content.
Hash
Compute a cryptographic hash of a string. Supports SHA-256, SHA-512, SHA-1, and MD5.
| Pin | Direction | Type | Description |
|---|---|---|---|
| Value | Input | String | The string to hash |
| Algorithm | Input | Enum | Hash algorithm: sha256, sha512, sha1, md5 (default: sha256) |
| Hash | Output | String | Hex-encoded hash digest |
Pure. Use Hash to compute checksums, generate fingerprints, or create deterministic identifiers from content.
HMAC
Compute a keyed hash (HMAC) for message authentication.
| Pin | Direction | Type | Description |
|---|---|---|---|
| Value | Input | String | The message to sign |
| Key | Input | String | The secret key |
| Algorithm | Input | Enum | Hash algorithm: sha256, sha512, sha1, md5 (default: sha256) |
| Hash | Output | String | Hex-encoded HMAC digest |
Pure. Use HMAC to verify webhook signatures, sign API requests, or create authentication tokens.
HMAC (Raw)
Compute HMAC returning raw bytes instead of a hex string. Use this for multi-step signing chains.
| Pin | Direction | Type | Description |
|---|---|---|---|
| Value | Input | Any | The message to sign |
| Key | Input | Any | The secret key (string or binary) |
| Algorithm | Input | Enum | Hash algorithm: sha256, sha512, sha1, md5 (default: sha256) |
| Raw Bytes | Output | Binary | Raw HMAC bytes |
Pure. Use HMAC (Raw) when you need the raw bytes for chained signing operations like SigV4 request signing.
New GUID
Generate a UUID v4 (universally unique identifier).
| Pin | Direction | Type | Description |
|---|---|---|---|
| GUID | Output | String | A new UUID v4 string |
Pure. Use New GUID to generate unique identifiers for records, correlation IDs, or deduplication keys.
Random Bytes
Generate cryptographically secure random bytes.
| Pin | Direction | Type | Description |
|---|---|---|---|
| Length | Input | Integer | Number of bytes to generate (default: 32) |
| Bytes | Output | Binary | Random binary data |
Pure. Use Random Bytes to generate encryption keys, nonces, or initialization vectors.
Hex Encode
Encode bytes to a lowercase hex string.
| Pin | Direction | Type | Description |
|---|---|---|---|
| Value | Input | Any | The value to encode |
| Hex String | Output | String | Hex-encoded string |
Pure. Use Hex Encode to convert binary data to a readable hex representation for logging or display.
Hex Decode
Decode a hex string to raw bytes.
| Pin | Direction | Type | Description |
|---|---|---|---|
| Hex String | Input | String | The hex string to decode |
| Bytes | Output | Binary | Decoded binary data |
Pure. Use Hex Decode to convert hex-encoded data from APIs or logs back to binary.
Encrypt
Encrypt data with a symmetric key. Supports AES-256-GCM and other algorithms.
| Pin | Direction | Type | Description |
|---|---|---|---|
| Data | Input | String | Plaintext to encrypt |
| Key | Input | String | Encryption key |
| Algorithm | Input | Enum | Encryption algorithm (default: aes-256-gcm) |
| Ciphertext | Output | String | Encrypted data (Base64-encoded) |
| IV | Output | String | Initialization vector (Base64-encoded) |
| Auth Tag | Output | String | Authentication tag for GCM modes (Base64-encoded) |
Pure. Use Encrypt to protect sensitive data before storing or transmitting it — encrypting credentials, PII, or tokens.
Decrypt
Decrypt data with a symmetric key.
| Pin | Direction | Type | Description |
|---|---|---|---|
| Ciphertext | Input | String | Encrypted data (Base64-encoded) |
| Key | Input | String | Decryption key |
| IV | Input | String | Initialization vector |
| Auth Tag | Input | String | Authentication tag (for GCM modes) |
| Algorithm | Input | Enum | Encryption algorithm (default: aes-256-gcm) |
| Data | Output | String | Decrypted plaintext |
Pure. Use Decrypt to retrieve encrypted data — reading stored credentials or processing encrypted payloads.
Sign Data
Create a digital signature with a private key. Supports RSA and ECDSA algorithms.
| Pin | Direction | Type | Description |
|---|---|---|---|
| Data | Input | String | The data to sign |
| Private Key | Input | String | PEM-encoded private key |
| Algorithm | Input | String | Signing algorithm: rsa-sha256, rsa-sha512, ecdsa-sha256, ecdsa-sha512 |
| Signature | Output | String | Base64-encoded signature |
Pure. Use Sign Data to create JWT tokens, sign API requests, or generate verifiable assertions.
Verify Signature
Verify a digital signature with a public key.
| Pin | Direction | Type | Description |
|---|---|---|---|
| Data | Input | String | The original data |
| Signature | Input | String | The signature to verify |
| Public Key | Input | String | PEM-encoded public key |
| Algorithm | Input | String | Signing algorithm used |
| Valid | Output | Boolean | True if the signature is valid |
Pure. Use Verify Signature to authenticate incoming requests, validate JWT tokens, or verify data integrity.
Parse Certificate
Parse an X.509 certificate (PEM or DER format) and extract its fields.
| Pin | Direction | Type | Description |
|---|---|---|---|
| Certificate | Input | String | PEM or DER-encoded certificate |
| Subject | Output | String | Certificate subject (e.g., "CN=*.example.com") |
| Issuer | Output | String | Certificate issuer |
| Valid From | Output | String | Certificate validity start date |
| Valid To | Output | String | Certificate expiration date |
| Serial Number | Output | String | Certificate serial number |
| SANs | Output | Array | Subject Alternative Names |
Pure. Use Parse Certificate to monitor TLS certificate expiration, validate certificate chains, or extract identity information.