Do you mean that your clients should determine the client-side MAC address and use it for authentication purpose?
Sorry, this is beyond our knowledge.
This depends on the availability of third party libraries, but if the client code runs in a browser, I don't think it would be allowed.