Melange offers a system for implementing fine-grained, relationship-based authorization directly within PostgreSQL databases. Designed to eliminate the need for external services or sidecars, it compiles OpenFGA schemas into optimized SQL functions that operate entirely inside the database environment. This approach enables organizations to enforce access control policies natively, with permission checks that are both transaction-aware and always in sync with the underlying domain data.
The tool is compatible with the OpenFGA schema language, supporting full conformance with Schema 1.1 and validated against the official OpenFGA test suite. Users can define authorization models using constructs such as direct assignments, computed usersets, unions, intersections, exclusions, tuple-to-userset, wildcards, userset references, and contextual tuples. Melange generates purpose-built SQL functions for each relation in the schema, with role hierarchies resolved at compile time and inlined into SQL. This design allows for constant-time (O(1)) permission checks, with observed speeds of 300-600 microseconds regardless of the number of tuples.
Authorization data is derived from SQL views mapped over existing domain tables, removing the need for a separate tuple store and ensuring that permission checks reflect the most current transactional state. The system avoids data duplication and synchronization jobs, and permission checks can see uncommitted changes within the same transaction, preventing issues associated with eventual consistency or stale authorization data.
Developers can interact with Melange through Go and TypeScript client libraries or by calling the generated SQL functions directly from any language that connects to PostgreSQL. The generated functions can be used in application code, triggers, or PostgreSQL row-level security (RLS) policies. Melange is distributed as free, open source software, allowing users to install it via package managers and integrate it into their existing workflows without vendor lock-in. It is not affiliated with or endorsed by OpenFGA or Okta.
Melange sits in PulseGate's Auth & identity category. It focuses on enabling PostgreSQL users to implement fine-grained, relationship-based access control without external services. It is built as an open-source project for postgreSQL database administrators and developers. Melange is open source under the MIT license. Melange is available on the command line, and it can be self-hosted.
It is developed by Melange contributors, and the product first shipped in 2026. Development happens publicly on GitHub with 74 stars and 73 commits in the last 90 days. Key capabilities include zanzibar-style authorization, postgreSQL integration, and openFGA compatibility.
Latest indexed changes and source events
Other apps tracked under the same category.