The Pwned Passwords API is free and does not require a subscription.
There is no rate limit imposed on the Pwned Passwords API, and there are no licensing or attribution requirements associated with its use.
You can integrate it directly into your applications or workflows to check whether a password has previously appeared in a data breach, without sending the full password to our service.
For full technical details and implementation guidance, you can find more information about how the Pwned Passwords API works here:
https://haveibeenpwned.com/API/v3