Have I Been Pwned
Welcome to the Have I Been Pwned API support portal! Here you'll find a combination of FAQs and troubleshooting guides, as well as the ability to submit requests. This service is only for users of the public commercial API key, not for general HIBP queries. Start by reviewing the material below and if you still need help, feel free to submit a request.
- Why does my domain show more email addresses than what could possibly exist?
- Is it possible to purchase an API key at a higher rate limit than is listed on the website?
- What currency are your services charged in?
- How do I unsubscribe from email alerts when addresses on my domain are in a data breach?
- Do you have a data processing addendum (DPA) you can send us?
- What subscription size do I need to search my domain?
- Why do I get a cross-origin resource sharing (CORS) exception when calling an authenticated API from the browser?
- The HIBP API is working correctly but I can't get my code to work, can you help?
- How can I get troubleshooting support for an unexplainable problem with the API?
- Why do I keep getting HTTP 429 "Too Many Requests" when querying within the rate limit?
- Why do all requests return HTTP 401 "Unauthorised"?