
Zango Framework
Django-based framework with built-in RBAC, audit logging, workflows, and multi-tenancy for regulated life sciences applications.
Overview
Zango is an open-source, Django-based framework built for regulated industries, including life sciences and pharmaceutical applications. It is designed for development teams that need enterprise-grade capabilities — user management, role-based access control, audit logging, and workflow automation — without proprietary lock-in or black-box components. Developers retain full code ownership and can read, modify, and extend every layer of the stack.
The platform is structured in three layers: an application layer for templates, AI agents, and business logic; the Zango framework itself, which provides built-in enterprise capabilities on top of Django; and an infrastructure layer that supports on-premises or cloud deployment with full data ownership. The average deployment timeline is cited as four to eight weeks.
Core Framework Capabilities
- User Management: Covers the complete user lifecycle — creation, activation, deactivation, and profile management — accessible from a unified App Panel.
- Role-Based Access Control (RBAC): Supports unlimited roles with multiple roles assignable per user. Controls route-level and object-level permissions without requiring custom code.
- Policy Framework: Provides fine-grained access policies beyond role-level controls, allowing per-field, per-action, and per-condition rules for any data object.
- Audit Logging: Automatically logs every object change, user action, and system event with timestamps and tamper-evident records. Described as GxP-ready.
- Background Jobs: Supports monitored asynchronous task execution for operations such as report generation, data imports, scheduled processing, and integrations.
- Multi-tenancy: Provides isolated tenant workspaces on shared infrastructure, with separate data, users, and configurations and full isolation guarantees.
Package Ecosystem
- Authentication: Supports username-password login, multi-factor authentication (MFA), single sign-on (SSO), token-based authentication, and session management.
- CRUD: Scaffolded create, read, update, and delete operations with automatic API generation, validation, and database interactions.
- Workflows: A state-machine-based workflow engine for defining states, transitions, guards, and side-effects for any business process.
- Notifications: Multi-channel alerting across email, SMS, push, and in-app channels, with template-driven configuration, scheduling, retry logic, and delivery tracking.
- Communication: Integrated messaging and collaboration features including chat, comments, threads, and activity feeds that can be embedded into any workflow.
- Appointments: A scheduling engine with availability management, conflict detection, reminders, and calendar sync.
- Invoicing and Payments: Covers invoice generation, payment processing, reconciliation, and financial reporting, with audit trails included.
- Login and Signup: Complete user registration flows with verification, onboarding steps, profile management, and password recovery.
Platform Positioning
- Built on standard Python and Django — no proprietary runtime required.
- Fully open source; the entire codebase is readable and auditable.
- Compliance capabilities (audit logging, RBAC, GxP-readiness) are built in, unlike standard web frameworks or low-code platforms.
- Operational costs are described as lower than proprietary platforms and low-code tools, while supporting complex application requirements.
- Code ownership is retained entirely by the deploying organisation, with no vendor lock-in.
Zango is installable via pip and can be deployed on-premises or in cloud environments. The package ecosystem is described as continuously expanding. The framework is positioned for teams building regulated-industry applications that require compliance infrastructure, developer transparency, and the ability to handle complex workflows without relying on proprietary tooling.
