Ory is the largest open source community in the world for cloud software application security. We maintain advanced open source security software solving authentication, authorization, access control, application network security, and delegation. Ory implements a variety of industry and best-practice standards including OAuth 2.0 / OAuth 2.1, OpenID Connect, Zero Trust Networking, Google Zanzibar Policy Framework, FIDO2 U2F, WebAuthn, TOTP, and more.

Ory Community

Is there a method (API) to query ORY, whether a password will be accepted or is rejected because of a breach, before actually creating an account?

No. You can look into <https://haveibeenpwned.com/API/v3> for breach detection.

I don’t think this is really what I have in mind. I don’t want to check, whether my email is part of a breach.
Ory checks new password when I sign up a new user. I would like to test before actually submitting a sign up flow, whether the password the user entered so far will be accepted by Ory, presenting a green checkmark. Is that possible?

No, this is not possible.
You can add a feature request with an explanation of your specific usecase here <https://github.com/ory/network/issues/new?assignees=&amp;labels=feat&amp;template=FEATURE-REQUEST.yml>

<@U04DA2XTHPG> is it possible to turn this off?

I would recommend not to do this.
You can tweak your password policies: <https://www.ory.sh/docs/concepts/password-policy>

please see this issue for validating password strength before submission <https://github.com/ory/kratos/issues/136>

<https://github.com/ory/network/issues/265>