What is UUID/GUID
A Universally Unique IDentifier (UUID
) – also called a Global Unique IDentifier (GUID
) – is a 128bit value formatted into blocks of hexadecimal digits separated by a hyphen (‘‘ U+002D). A typical UUID is baef6775eb3a4ac985d370e4aa0d9d94
.
A version 4 UUID is defined in RFC 4122: 128 randomlygenerated bits with six bits at certain positions set to particular values. For example,
1 2 3 
baef6775eb3a4ac985d370e4aa0d9d94 ^ ^ 1 2 
The digit at position 1 above is always ‘4‘ and the digit at position 2 is always one of ‘8‘, ‘9‘, ‘A‘ or ‘B‘. It doesn’t matter whether the letters AF are upper or lower case.
Procedure
The procedure to generate a version 4 UUID is as follows:
 Generate 16 random bytes (=128 bits)
 Adjust certain bits according to RFC 4122 section 4.4 as follows:
 set the four most significant bits of the 7th byte to 0100’B, so the high nibble is ‘4’
 set the two most significant bits of the 9th byte to 10’B, so the high nibble will be one of ‘8’, ‘9’, ‘A’, or ‘B’.
 Convert the adjusted bytes to 32 hexadecimal digits
 Add four hyphen ‘‘ characters to obtain blocks of 8, 4, 4, 4 and 12 hex digits
 Output the resulting 36character string “XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX”
Solutions
Below are oneliner(ish) solutions for an RFC 4122 version 4 compliant solution.
Modern Browsers:
1 2 3 4 
'xxxxxxxxxxxx4xxxyxxxxxxxxxxxxxxx'.replace(/[xy]/g, function(c) { var r = crypto.getRandomValues(new Uint8Array(1))[0]%160, v = c == 'x' ? r : (r&0x30x8); return v.toString(16); }); 
Node.js:
1 2 3 4 
'xxxxxxxxxxxx4xxxyxxxxxxxxxxxxxxx'.replace(/[xy]/g, function(c) { var r = crypto.randomBytes(1)[0]%160, v = c == 'x' ? r : (r&0x30x8); return v.toString(16); }); 
Other Environments (old broswers etc less IE 11):
1 2 3 4 
'xxxxxxxxxxxx4xxxyxxxxxxxxxxxxxxx'.replace(/[xy]/g, function(c) { var r = Math.random()*160, v = c == 'x' ? r : (r&0x30x8); return v.toString(16); }); 
E.g:
1 2 3 4 5 6 7 8 9 
>>> 'xxxxxxxxxxxx4xxxyxxxxxxxxxxxxxxx'.replace(/[xy]/g, function(c) {var r = Math.random()*160,v=c=='x'?r:r&0x30x8;return v.toString(16);}); "baef6775eb3a4ac985d370e4aa0d9d94" "f52350ea9a4e446093a7e5a1137b57df" "65ba2365883f4ca0a8de3415340d52e5" "ad072e7554ef4d99b63c5a47b97114c4" "2b55bfa577954cb38e4d6d556e35f957" "88bc8eac2209454c930402d498a39056" "44efd3edbdc94d0eac28763b641d3211" "587dbbef4d434f99bb0860da3ca24b9c" 
Side Note

Be aware that UUID uniqueness relies heavily on the underlying random number generator (RNG). The solution above uses
Math.random()
for brevity, howeverMath.random()
is not guaranteed to be a highquality RNG. See Adam Hyland’s excellent writeup on Math.random() for details. For a more robust solution, consider something like nodeuuid.js 
This gist describes how to determine how many IDs can be generated before reaching a certain probability of collision. For example, with 3.26×10^{15} version 4 RFC4122 UUIDs you have a 1inamillion chance of collision.