The Breach Account API allows you to programmatically query whether an individual email address has appeared in known data breaches. It is designed for integration into your own systems, applications or workflows and returns structured breach information for the account being queried.
Please note that the Breach Account API is rate-limited. RPM stands for requests per minute. The higher the subscription tier, the higher the available rate limit. For example, a Core 4 subscription includes a rate limit of 500 RPM, which allows you to query up to 500 email addresses per minute.
You can view our rate-limited subscription tiers here: https://haveibeenpwned.com/Subscription
You can watch our recorded demo here: https://haveibeenpwned.com/Demos
For full technical details, including authentication requirements and endpoint documentation, please refer to our API documentation https://haveibeenpwned.com/API/v3