GUID / UUID Regex Patterns - Validation & Best Practices

Canonical GUID / UUID (hyphenated)

Matches the standard 8-4-4-4-12 representation with hex digits (case-insensitive).

^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$

Canonical + version (1-8) + RFC variant (8/9/a/b)

Enforces that the GUID / UUID is one of the modern versions (1 through 8) and uses the standard RFC variant (8, 9, a, or b).

^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[1-8][0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12}$

Accept common input variants (braces and URN)

Accepts any of these forms: uuid, {uuid}, or urn:uuid:uuid. Useful for UI input fields where users paste different styles.

^(?:urn:uuid:)?(?:\{[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}\}|[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$

Empty GUID / Nil UUID (all zeros)

Sometimes you want to explicitly detect an Empty GUID / Nil UUID.

^00000000-0000-0000-0000-000000000000$

Practical notes

• Normalize first: trim whitespace, optionally strip urn:uuid: and braces, then validate.
• Prefer parsing in code: use your platform's UUID/GUID parser after regex checks to avoid edge cases.
• Version and variant are separate: version is the first hex digit of the third group; variant is the first hex digit of the fourth group.
• Don't over-constrain input: if your app accepts uppercase or braces, reflect that in validation and normalization, not in your database storage.

Try our GUID / UUID Inspector to validate your input.