Find an API

Search public APIs with auth details & Postman guides

← All APIs

Canada Revenue Agency Business Number (BN) API

canada.ca · Government

Government Bearer Token Free & Open Government Financial Services Legal & Compliance Tax Business Registry Compliance

The CRA Business Number (BN) is Canada's 9-digit federal business identifier. The CRA's Business Registration Online (BRO) provides limited public lookup functionality. The Canada Revenue Agency exposes business number validation and GST/HST registrant lookup through the Business Number Web Service (BNWS). Used for supplier validation, KYC, and tax compliance workflows. Note: full tax filing APIs require formal CRA partnerships (Represent a Client, EFILE/NETFILE).

Authentication

Bearer Token CRA partner API access requires a formal partnership agreement with CRA. EFILE/NETFILE software developers must enroll in CRA's Developer Program. Contact cra-arc.gc.ca for partnership inquiries.

Sample Requests

GET GST/HST registrant lookup (public)

Public GST/HST Registry lookup. Not a formal REST API — scrape-resistant web form. For programmatic access, enroll in the CRA's Business Number Web Service (BNWS) partner program.

https://www.canada.ca/en/revenue-agency/corporate/about-canada-revenue-agency-cra/partnerships/bnws.html/https:/www.businessregistration.gc.ca/cgi-bin/br/sbin/ebr0512?lang=eng&query=GST_lookup

Hover any highlighted part to learn what it does

curl -X GET "https://www.canada.ca/en/revenue-agency/corporate/about-canada-revenue-agency-cra/partnerships/bnws.html/https://www.businessregistration.gc.ca/cgi-bin/br/sbin/ebr0512?lang=eng&query=GST_lookup" \
  -H "Authorization: Bearer YOUR_ACCESS_TOKEN"
import requests
params = {
    "lang": "eng",
    "query": "GST_lookup"
}
headers = {
    "Authorization": "Bearer YOUR_ACCESS_TOKEN"
}
response = requests.get(
    "https://www.canada.ca/en/revenue-agency/corporate/about-canada-revenue-agency-cra/partnerships/bnws.html/https://www.businessregistration.gc.ca/cgi-bin/br/sbin/ebr0512",
    params=params,
    headers=headers,
)
print(response.json())
const url = new URL('https://www.canada.ca/en/revenue-agency/corporate/about-canada-revenue-agency-cra/partnerships/bnws.html/https://www.businessregistration.gc.ca/cgi-bin/br/sbin/ebr0512');
url.searchParams.set('lang', 'eng');
url.searchParams.set('query', 'GST_lookup');

const response = await fetch(url, {
  headers: {
    'Authorization': 'Bearer YOUR_ACCESS_TOKEN'
  },
}); 
const data = await response.json();
console.log(data);
package main

import (
	"fmt"
	"io"
	"net/http"
	"net/url"
)

func main() {
	baseURL, _ := url.Parse("https://www.canada.ca/en/revenue-agency/corporate/about-canada-revenue-agency-cra/partnerships/bnws.html/https://www.businessregistration.gc.ca/cgi-bin/br/sbin/ebr0512")
	q := baseURL.Query()
	q.Set("lang", "eng")
	q.Set("query", "GST_lookup")
	baseURL.RawQuery = q.Encode()
	targetURL := baseURL.String()
	req, _ := http.NewRequest("GET", targetURL, nil)
	req.Header.Set("Authorization", "Bearer YOUR_ACCESS_TOKEN")

	client := &http.Client{}
	resp, _ := client.Do(req)
	defer resp.Body.Close()
	body, _ := io.ReadAll(resp.Body)
	fmt.Println(string(body))
}
require "net/http"
require "json"

uri = URI("https://www.canada.ca/en/revenue-agency/corporate/about-canada-revenue-agency-cra/partnerships/bnws.html/https://www.businessregistration.gc.ca/cgi-bin/br/sbin/ebr0512")
uri.query = URI.encode_www_form({
  "lang" => "eng",
  "query" => "GST_lookup"
})

http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = uri.scheme == "https"

req = Net::HTTP::Get.new(uri)
req["Authorization"] = "Bearer YOUR_ACCESS_TOKEN"

res = http.request(req)
puts JSON.parse(res.body)
<?php
$url = "https://www.canada.ca/en/revenue-agency/corporate/about-canada-revenue-agency-cra/partnerships/bnws.html/https://www.businessregistration.gc.ca/cgi-bin/br/sbin/ebr0512?" . http_build_query([
    "lang" => "eng",
    "query" => "GST_lookup"
]);
$opts = ["http" => [
    "method" => "GET",
    "header" => implode("\r\n", [
        "Authorization: Bearer YOUR_ACCESS_TOKEN"
    ]),
]];
$ctx = stream_context_create($opts);
$res = file_get_contents($url, false, $ctx);
print_r(json_decode($res, true));
POST T4/payroll filing (EFILE partner)

Submit T4 payroll slips via the CRA EFILE partner API. Requires formal CRA software developer registration and certification. Test environment at: test.cra-arc.gc.ca/efile.

https://www.canada.ca/en/revenue-agency/corporate/about-canada-revenue-agency-cra/partnerships/bnws.html/efile/v1/t4/submit

Hover any highlighted part to learn what it does

Headers — extra info sent with the request
Content-Type application/json
Authorization Bearer YOUR_CRA_TOKEN
Request Body — data you're sending
{
  "slips": [
    {
      "employerBN": "987654321",
      "ei_premiums": 1200,
      "employeeSIN": "123456789",
      "cpp_contributions": 3500,
      "employment_income": 85000
    }
  ],
  "taxYear": 2023,
  "transmitterBN": "123456789"
}
curl -X POST "https://www.canada.ca/en/revenue-agency/corporate/about-canada-revenue-agency-cra/partnerships/bnws.html/efile/v1/t4/submit" \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"slips":[{"employerBN":"987654321","ei_premiums":1200,"employeeSIN":"123456789","cpp_contributions":3500,"employment_income":85000}],"taxYear":2023,"transmitterBN":"123456789"}'
import requests
headers = {
    "Content-Type": "application/json",
    "Authorization": "Bearer YOUR_ACCESS_TOKEN"
}
data = {
    "slips": [
        {
            "employerBN": "987654321",
            "ei_premiums": 1200,
            "employeeSIN": "123456789",
            "cpp_contributions": 3500,
            "employment_income": 85000
        }
    ],
    "taxYear": 2023,
    "transmitterBN": "123456789"
}
response = requests.post(
    "https://www.canada.ca/en/revenue-agency/corporate/about-canada-revenue-agency-cra/partnerships/bnws.html/efile/v1/t4/submit",
    headers=headers,
    json=data,
)
print(response.json())
const url = 'https://www.canada.ca/en/revenue-agency/corporate/about-canada-revenue-agency-cra/partnerships/bnws.html/efile/v1/t4/submit';

const response = await fetch(url, {
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
    'Authorization': 'Bearer YOUR_ACCESS_TOKEN'
  },
  headers: { 'Content-Type': 'application/json' },
  body: JSON.stringify({
  "slips": [
    {
      "employerBN": "987654321",
      "ei_premiums": 1200,
      "employeeSIN": "123456789",
      "cpp_contributions": 3500,
      "employment_income": 85000
    }
  ],
  "taxYear": 2023,
  "transmitterBN": "123456789"
}),
}); 
const data = await response.json();
console.log(data);
package main

import (
	"fmt"
	"io"
	"net/http"
	"bytes"
	"encoding/json"
)

func main() {
	targetURL := "https://www.canada.ca/en/revenue-agency/corporate/about-canada-revenue-agency-cra/partnerships/bnws.html/efile/v1/t4/submit"
	jsonData, _ := json.Marshal({"slips":[{"employerBN":"987654321","ei_premiums":1200,"employeeSIN":"123456789","cpp_contributions":3500,"employment_income":85000}],"taxYear":2023,"transmitterBN":"123456789"})
	req, _ := http.NewRequest("POST", targetURL, bytes.NewBuffer(jsonData))
	req.Header.Set("Content-Type", "application/json")
	req.Header.Set("Authorization", "Bearer YOUR_ACCESS_TOKEN")
	req.Header.Set("Content-Type", "application/json")

	client := &http.Client{}
	resp, _ := client.Do(req)
	defer resp.Body.Close()
	body, _ := io.ReadAll(resp.Body)
	fmt.Println(string(body))
}
require "net/http"
require "json"

uri = URI("https://www.canada.ca/en/revenue-agency/corporate/about-canada-revenue-agency-cra/partnerships/bnws.html/efile/v1/t4/submit")

http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = uri.scheme == "https"

req = Net::HTTP::Post.new(uri)
req["Content-Type"] = "application/json"
req["Authorization"] = "Bearer YOUR_ACCESS_TOKEN"
req["Content-Type"] = "application/json"
req.body = "{\"slips\":[{\"employerBN\":\"987654321\",\"ei_premiums\":1200,\"employeeSIN\":\"123456789\",\"cpp_contributions\":3500,\"employment_income\":85000}],\"taxYear\":2023,\"transmitterBN\":\"123456789\"}"

res = http.request(req)
puts JSON.parse(res.body)
<?php
$url = "https://www.canada.ca/en/revenue-agency/corporate/about-canada-revenue-agency-cra/partnerships/bnws.html/efile/v1/t4/submit";
$opts = ["http" => [
    "method" => "POST",
    "header" => implode("\r\n", [
        "Content-Type: application/json",
        "Authorization: Bearer YOUR_ACCESS_TOKEN",
        "Content-Type: application/json"
    ]),
    "content" => json_encode({"slips":[{"employerBN":"987654321","ei_premiums":1200,"employeeSIN":"123456789","cpp_contributions":3500,"employment_income":85000}],"taxYear":2023,"transmitterBN":"123456789"}),
]];
$ctx = stream_context_create($opts);
$res = file_get_contents($url, false, $ctx);
print_r(json_decode($res, true));

Postman Setup Guide

Get Postman ↗
  1. CRA does not have a general-purpose public REST API — most access is via partner programs
  2. For GST/HST number validation: use the Business Registration Online (BRO) system
  3. To build tax filing software: enroll in CRA's EFILE/NETFILE Software Developer Program
  4. CRA's Represent a Client (RAC) API allows authorized tax preparers to access client data
  5. Open Data: CRA publishes aggregate tax statistics at open.canada.ca — search "CRA statistics"
  6. Business Number lookup tool: businessregistration.gc.ca (web form, no public API)

What can you build with Canada Revenue Agency Business Number (BN) API?

Canada Revenue Agency Business Number (BN) API is a Government API. Developers commonly use government APIs for:

  • surfacing public datasets in citizen-facing apps
  • building transparency and civic engagement tools
  • accessing legislation, court records, and official data
  • powering research and journalism tools
  • creating compliance and regulatory monitoring dashboards

Bearer token. Your app exchanges credentials for a short-lived token, then sends it as an Authorization header. Tokens expire, so your code needs to handle renewal. Canada Revenue Agency Business Number (BN) API is free to use, making it a low-risk choice to experiment with.

New to APIs? Read our beginner's guide · Learn about API keys · What is REST?

Open documentation ↗