Encoding Tools

Encode, decode, and hash data.

Overview

The Encoding Tools connector is a workflow-side utility for transforming text and binary data between common encodings, and for generating hashes and HMAC signatures. It runs entirely inside Spojit - no external service, no auth, no rate limits.

Use it any time data has to cross a boundary that requires a specific encoding: Base64 for binary-in-JSON, URL encoding for query strings, HMAC for webhook signature verification, hashing for stable identifiers or content fingerprints.

What You Can Do

The encoding connector exposes these tools:

  • base64-encode / base64-decode - Encode and decode Base64 text.
  • url-encode / url-decode - Percent-encode strings for use in URLs and query parameters.
  • hex-encode / hex-decode - Convert between text and hex representation.
  • html-encode / html-decode - Encode and decode HTML entities (e.g. &).
  • to-binary / from-binary - Convert between text and raw binary representation.
  • hash-md5 / hash-sha1 / hash-sha256 / hash-sha512 - Generate cryptographic hashes.
  • hmac - Compute an HMAC (Hash-based Message Authentication Code) for signed-payload verification.

Authentication and Setup

No connection or authentication is required. These tools are built into the platform and available in every workflow by default - just drop a Connector node onto the canvas and pick the tool you need.

Using in a Workflow

Add a Connector node, select Encoding Tools, and choose Direct Mode with the specific tool you need - encoding operations are deterministic so Agent Mode rarely adds value here. Pipe the upstream value in via {{ step.field }} and the result becomes available for downstream steps.

Tips

  • For webhook signature verification, run hmac with the same secret and algorithm the source service uses, then compare against the header value.
  • Use hash-sha256 to generate stable record IDs from a tuple of fields - much cheaper than a UUID lookup.
  • When passing binary data through JSON-only APIs, base64-encode in the producer step and base64-decode in the consumer step.

Common Pitfalls

  • Wrong HMAC algorithm - GitHub and Shopify use SHA-256; some legacy services use SHA-1. Mismatch silently fails verification.
  • URL-encoded already - Re-encoding an already-encoded string double-escapes everything (%20 becomes %2520). Decode first if you're unsure.
  • MD5 for security - hash-md5 is fine for fingerprints, never for passwords or signatures. Use SHA-256 or HMAC there.

Common Use Cases

Related Articles

For technical API details and field specifications, see the Encoding Tools documentation.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.