HMAC (Hash-based Message Authentication Code) uses a shared secret key combined with a hash function to provide both message integrity AND authentication. If the key is known only to sender and receiver, it proves authenticity.
HMAC = integrity + authentication. Hash alone = integrity only. Digital signature = integrity + authentication + non-repudiation. TLS uses HMAC for record integrity. JWT uses HMAC (HS256) or RSA (RS256) for signature.