What Is a UUID, and When Should You Use One?

You've seen them in URLs, databases and API responses: 36-character strings like 550e8400-e29b-41d4-a716-446655440000. That's a UUID — a Universally Unique Identifier — and it solves a specific, common problem.

What it is

A UUID is a 128-bit value, usually shown as 32 hex digits in five hyphen-separated groups. The point: it can be generated anywhere, by anyone, without coordinating with a central server, and still be practically guaranteed unique. Generate one instantly with the UUID generator.

Why they don't collide

Version 4 UUIDs (the common kind) are mostly random — 122 random bits. The number of possible values is so vast that you could generate billions per second for a century and the odds of a duplicate stay negligible. That's what lets two offline devices both create IDs that will never clash when they sync.

UUID vs auto-increment IDs

Database auto-increment IDs (1, 2, 3…) are compact and ordered, but they require the database to hand them out, they leak information ("user #5" tells competitors you have few users), and they're guessable. UUIDs are larger and unordered, but they can be created client-side, don't reveal counts, and are safe to expose in URLs.

When to reach for each

Use UUIDs when records are created in multiple places and merged (mobile apps, distributed systems), when you don't want IDs to be enumerable, or for public-facing identifiers. Stick with auto-increment for small internal tables where order and compactness matter and exposure doesn't.

Related developer tools

Building APIs and tokens? Decode and inspect a token with the JWT decoder, convert epoch values with the Unix timestamp converter, and encode binary-safe payloads with the Base64 encoder — all browser-side, nothing sent anywhere.