Outils en Ligne
UUIDDatabaseSystems

What is a UUID?

March 15, 2026·5 min read

UUIDs are widely used because they let systems generate identifiers without central coordination. That makes them useful in distributed systems, client-side generation flows, and data synchronization. It also introduces trade-offs around storage, readability, and database behavior that are worth understanding before you adopt them everywhere.

Their primary benefit? Anyone can create a UUID and use it to identify something with near certainty that the identifier does not duplicate one that has already been, or will be, created to identify something else.

1. Typical Structure

A UUID is composed of 32 hexadecimal characters broken into five distinct sections, representing 36 total characters. A standard UUID might look like this:

123e4567-e89b-12d3-a456-426614174000

2. The Variants: Why V4 is King

There are five major versions of UUIDs officially defined by RFC 4122. Each solves a specific problem differently.

  • Version 1 (Time/MAC Address): Uses your network cards MAC Address and generation time. Not reliable for privacy-protecting contexts.
  • Version 3 (MD5 Name-based): Identical UUIDs originate from an identical payload hashed in MD5.
  • Version 4 (Randomized): Currently the absolute standard. It generates 122 completely random bits through secure pseudorandom number generators (PRNG).
  • Version 5 (SHA-1 Name-based): Similar to V3, but uses SHA-1 hashing under the hood.

3. Implementation: Generating UUID v4

Use the uuid package: npm install uuid

import { v4 as uuidv4 } from 'uuid';

const id = uuidv4();
// "9b1deb4d-3b7d-4bad-9bdd-2b0d7b3dcb6d"

// Bulk generate
const ids = Array.from({ length: 10 }).map(() => uuidv4());

Without dependencies (crypto.getRandomValues for secure randomness):

function uuidv4() {
  return 'xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx'.replace(/[xy]/g, (c) => {
    const r = (Math.random() * 16) | 0;
    const v = c === 'x' ? r : (r & 0x3) | 0x8;
    return v.toString(16);
  });
}
// Note: Use crypto.getRandomValues for production (replace Math.random)

4. Why use UUID over Auto-Increment Integers?

Traditionally databases assign rows an ID starting at 1, increasing by 1. So why replace simple numbers with long messy strings in a modern database backend?

  • Data Hiding: If I am User ID #4 on your website, I immediately know you merely have three users who signed up before me. UUIDs prevent attackers from randomly guessing valid URLs.
  • Offline Systems Syncs: Creating mobile applications means offline users create data. By generating their own UUIDs, when they connect back online later, their IDs will seamlessly merge with the server without ever colliding with another user creating rows simultaneously.

5. Conclusion

UUID V4 ensures massive decentralized systems work collaboratively without single points of failure generating database locks. Although computationally heavier than a standard int, modern databases like PostgreSQL implement first-class native UUID types that completely wipe away the performance overheads.

Use the UUID Generator to generate UUID v4 values locally for test data and integration workflows.

6. UUIDs in database design

UUIDs improve decentralization, but they also affect indexing and storage behavior. For high-write tables, random v4 keys can increase index fragmentation compared with sequential numeric IDs.

  • Use native UUID column types: they are more efficient than storing UUIDs as plain text.
  • Avoid unnecessary string conversions: keep UUIDs binary/native in backend processing paths.
  • Benchmark critical tables: measure insert throughput and index growth with realistic traffic.

7. Common mistakes

  • Using insecure randomness: avoid Math.random() for production identifiers.
  • Mixing ID formats in one API: inconsistent ID shape confuses clients and validation logic.
  • Treating UUID as secret: UUID is an identifier, not an authentication mechanism.
  • No collision policy: always keep a database uniqueness constraint even if collisions are extremely unlikely.

8. Practical adoption checklist

  1. Choose one UUID version for new entities and document it clearly.
  2. Enforce format validation at API boundaries.
  3. Keep a migration strategy if converting from integer IDs.
  4. Test downstream analytics and exports for UUID compatibility.