What is a UUID
A Universally Unique Identifier (UUID) is a 128-bit number used to identify information in computer systems. Standardised in RFC 4122, a UUID is represented as 32 hexadecimal characters grouped in the pattern 8-4-4-4-12, for example: 550e8400-e29b-41d4-a716-446655440000. The theoretical probability of collision is so low (1 in 5.3×10³⁶) that UUIDs are considered universally unique for all practical purposes.
Main UUID versions
- UUIDv1: based on current timestamp + MAC address. Guaranteed chronological order but exposes hardware info.
- UUIDv3: MD5 hash of a namespace + name. Deterministic: same input always produces the same UUID.
- UUIDv4: completely random (122 random bits). No timestamp or machine info — preferred for most new systems.
- UUIDv5: like v3 but using SHA-1. Preferred over v3 for security reasons.
- UUIDv7 (2024): time-ordered + random. K-sortable, ideal for database primary keys as it preserves B-tree locality.
Generating UUIDs in JavaScript
- Node.js 14.17+/Browser: crypto.randomUUID() — native, fast, secure (no dependencies)
- npm uuid library: uuid.v4(), uuid.v5(), uuid.v7() — more flexible, cross-platform
- uuidv7 library: dedicated library for UUIDv7
When to use UUIDs
UUIDs are ideal for entity IDs in distributed databases (where auto-increment integers would conflict between nodes), for public-facing API identifiers (they prevent the enumeration attack possible with sequential integer IDs), for sessions and temporary tokens, and for any context where uniqueness must be guaranteed without centralised coordination.