NPM Version NPM Downloads Node.js Version Build Status Test Coverage

URL and cookie safe UIDs

Create cryptographically secure UIDs safe for both cookie and URL usage. This is in contrast to modules such as rand-token and uid2 whose UIDs are actually skewed due to the use of % and unnecessarily truncate the UID. Use this if you could still use UIDs with - and _ in them.


$ npm install uid-safe


var uid = require('uid-safe')

uid(byteLength, callback)

Asynchronously create a UID with a specific byte length. Because base64 encoding is used underneath, this is not the string length. For example, to create a UID of length 24, you want a byte length of 18.

uid(18, function (err, string) {
  if (err) throw err
  // do something with the string


Asynchronously create a UID with a specific byte length and return a Promise.

Note: To use promises in Node.js prior to 0.12, promises must be “polyfilled” using global.Promise = require('bluebird').

uid(18).then(function (string) {
  // do something with the string


A synchronous version of above.

var string = uid.sync(18)