Genetic Access Control

What is Genetic Access Control?

Using the 23andme API, it is now possible to use genetic profile information and likely phenotypes in custom applications. This means you can restrict access to your site based on traits including sex, ancestry, disease susceptibility, and arbitrary characteristics associated with single-nucleotide polymorphisms (SNPs) in a person's genotype.

How does it work?

GAC uses the standard third-party authentication mechanism OAuth2 to request minimal permissions from 23andme on behalf of the user. The user is presented with a dialog asking them to approve the sharing of certain genetic data with your application.
If the request is approved, a temporary access token is passed to your application, which can use it to make API requests that retrieve information such as ancestry composition and SNP nucleotide sequences. This data can then be used to grant or restrict authorization.
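The approval step described above, as an added example that is not code from this project: it builds the authorization request with only the scopes the caller names and validates the redirect back to the application before anything is exchanged for a token. `CLIENT_ID` and `REDIRECT_URI` follow the settings names under "Running" with placeholder values; `AUTHORIZE_URL`, the `session` dict and both function names are assumptions.

```python
import hmac
import secrets
from urllib.parse import urlencode, urlparse, parse_qs

# Names follow the "Running" settings on this page; values are placeholders.
CLIENT_ID = "your-client-id"
REDIRECT_URI = "https://example.com/receive_code"
# Assumption: placeholder endpoint, substitute the provider's documented authorize URL.
AUTHORIZE_URL = "https://provider.example/authorize/"


def build_authorization_url(session, scopes):
    """Start the flow, requesting only the scopes the access decision needs."""
    state = secrets.token_urlsafe(32)   # unguessable value bound to this session
    session["oauth_state"] = state
    query = urlencode({
        "response_type": "code",
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,
        "scope": " ".join(scopes),
        "state": state,
    })
    return f"{AUTHORIZE_URL}?{query}"


def extract_code(session, callback_url):
    """Validate the redirect to REDIRECT_URI and return the one-time code.

    Returns None when the user declined, or when state is missing or does not
    match (a forged or replayed callback).
    """
    params = parse_qs(urlparse(callback_url).query)
    expected = session.pop("oauth_state", None)   # single use: pop, never reuse
    received = params.get("state", [""])[0]
    # Compare as bytes in constant time; str comparison rejects non-ASCII input.
    if not expected or not hmac.compare_digest(expected.encode(), received.encode()):
        return None
    if "error" in params:                          # user refused the sharing dialog
        return None
    codes = params.get("code", [])
    return codes[0] if len(codes) == 1 else None   # reject duplicated parameters
```

A `None` result should end the request without any token exchange; the session entry is consumed either way, so a second callback carrying the same state is rejected.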

Possible uses

Flaws

Demonstration

OAuth2
Success
Fail

Running

CLIENT_ID='a0830ba98c035c9fd9a0c80a'
CLIENT_SECRET='70a65e7876c6b68975a87c67b'
REDIRECT_URI='http://example.com/receive_code'
DEBUG=True