diff --git a/api/db/migrations/1775081823814-event-whitelist.ts b/api/db/migrations/1775081823814-event-whitelist.ts
new file mode 100644
index 00000000..d85b470d
--- /dev/null
+++ b/api/db/migrations/1775081823814-event-whitelist.ts
@@ -0,0 +1,22 @@
+import { MigrationInterface, QueryRunner } from "typeorm";
+
+export class EventWhitelist1775081823814 implements MigrationInterface {
+    name = 'EventWhitelist1775081823814'
+
+    public async up(queryRunner: QueryRunner): Promise<void> {
+        await queryRunner.query(`ALTER TABLE "event_whitelists" DROP CONSTRAINT "FK_event_whitelists_event"`);
+        await queryRunner.query(`DROP INDEX "public"."UQ_event_whitelists_event_username_platform"`);
+        await queryRunner.query(`ALTER TABLE "event_whitelists" ALTER COLUMN "eventId" DROP NOT NULL`);
+        await queryRunner.query(`ALTER TABLE "event_whitelists" ADD CONSTRAINT "UQ_1e66e3e9750244ea3f6563a6d49" UNIQUE ("eventId", "username", "platform")`);
+        await queryRunner.query(`ALTER TABLE "event_whitelists" ADD CONSTRAINT "FK_17ccbcee3723a35d6d691532c22" FOREIGN KEY ("eventId") REFERENCES "events"("id") ON DELETE CASCADE ON UPDATE NO ACTION`);
+    }
+
+    public async down(queryRunner: QueryRunner): Promise<void> {
+        await queryRunner.query(`ALTER TABLE "event_whitelists" DROP CONSTRAINT "FK_17ccbcee3723a35d6d691532c22"`);
+        await queryRunner.query(`ALTER TABLE "event_whitelists" DROP CONSTRAINT "UQ_1e66e3e9750244ea3f6563a6d49"`);
+        await queryRunner.query(`ALTER TABLE "event_whitelists" ALTER COLUMN "eventId" SET NOT NULL`);
+        await queryRunner.query(`CREATE UNIQUE INDEX "UQ_event_whitelists_event_username_platform" ON "event_whitelists" ("eventId", "platform", "username") `);
+        await queryRunner.query(`ALTER TABLE "event_whitelists" ADD CONSTRAINT "FK_event_whitelists_event" FOREIGN KEY ("eventId") REFERENCES "events"("id") ON DELETE CASCADE ON UPDATE NO ACTION`);
+    }
+
+}
diff --git a/api/src/event/dtos/whitelistDto.ts b/api/src/event/dtos/whitelistDto.ts
new file mode 100644
index 00000000..b3fdbfc0
--- /dev/null
+++ b/api/src/event/dtos/whitelistDto.ts
@@ -0,0 +1,24 @@
+import { IsArray, IsEnum, IsString, ValidateNested } from "class-validator";
+import { Type } from "class-transformer";
+import { WhitelistPlatform } from "../entities/event-whitelist.entity";
+
+export class WhitelistEntryDto {
+  @IsString()
+  username: string;
+
+  @IsEnum(WhitelistPlatform)
+  platform: WhitelistPlatform;
+}
+
+export class AddToWhitelistDto {
+  @IsArray()
+  @ValidateNested({ each: true })
+  @Type(() => WhitelistEntryDto)
+  entries: WhitelistEntryDto[];
+}
+
+export class BulkDeleteWhitelistDto {
+  @IsArray()
+  @IsString({ each: true })
+  ids: string[];
+}
diff --git a/api/src/event/entities/event-whitelist.entity.ts b/api/src/event/entities/event-whitelist.entity.ts
new file mode 100644
index 00000000..78cfc927
--- /dev/null
+++ b/api/src/event/entities/event-whitelist.entity.ts
@@ -0,0 +1,35 @@
+import {
+  Entity,
+  Column,
+  PrimaryGeneratedColumn,
+  CreateDateColumn,
+  ManyToOne,
+  Unique,
+} from "typeorm";
+import { EventEntity } from "./event.entity";
+
+export enum WhitelistPlatform {
+  GITHUB = "GITHUB",
+  FORTYTWO = "FORTYTWO",
+}
+
+@Entity("event_whitelists")
+@Unique(["event", "username", "platform"])
+export class EventWhitelistEntity {
+  @PrimaryGeneratedColumn("uuid")
+  id: string;
+
+  @Column({ type: "enum", enum: WhitelistPlatform })
+  platform: WhitelistPlatform;
+
+  @Column()
+  username: string;
+
+  @ManyToOne(() => EventEntity, {
+    onDelete: "CASCADE",
+  })
+  event: EventEntity;
+
+  @CreateDateColumn()
+  createdAt: Date;
+}
diff --git a/api/src/event/entities/event.entity.ts b/api/src/event/entities/event.entity.ts
index 971a8a27..57734ab3 100644
--- a/api/src/event/entities/event.entity.ts
+++ b/api/src/event/entities/event.entity.ts
@@ -15,6 +15,7 @@ import {
 import { TeamEntity } from "../../team/entities/team.entity";
 import { Exclude } from "class-transformer";
 import { EventStarterTemplateEntity } from "./event-starter-template.entity";
+import { EventWhitelistEntity } from "./event-whitelist.entity";
 
 @Entity("events")
 export class EventEntity {
@@ -121,4 +122,9 @@ export class EventEntity {
     cascade: true,
   })
   starterTemplates: EventStarterTemplateEntity[];
+
+  @OneToMany(() => EventWhitelistEntity, (whitelist) => whitelist.event, {
+    onDelete: "CASCADE",
+  })
+  whitelists: EventWhitelistEntity[];
 }
diff --git a/api/src/event/event.controller.ts b/api/src/event/event.controller.ts
index 7cb608a5..2112ebc1 100644
--- a/api/src/event/event.controller.ts
+++ b/api/src/event/event.controller.ts
@@ -20,6 +20,7 @@ import { SetLockTeamsDateDto } from "./dtos/setLockTeamsDateDto";
 import { UpdateEventSettingsDto } from "./dtos/updateEventSettingsDto";
 import { CreateEventStarterTemplateDto } from "./dtos/createEventStarterTemplateDto";
 import { UpdateEventStarterTemplateDto } from "./dtos/updateEventStarterTemplateDto";
+import { AddToWhitelistDto, BulkDeleteWhitelistDto } from "./dtos/whitelistDto";
 import { JwtAuthGuard } from "../auth/jwt-auth.guard";
 import { UserId } from "../guards/UserGuard";
 
@@ -169,6 +170,28 @@ export class EventController {
       );
     }
 
+    const event = await this.eventService.getEventById(eventId);
+
+    if (event.isPrivate) {
+      const user = await this.userService.getUserById(userId);
+      const socialAccounts = user.socialAccounts || [];
+      const fortyTwoAccount = socialAccounts.find(
+        (sa) => sa.platform === "42",
+      );
+
+      const isWhitelisted = await this.eventService.isUserWhitelistedForEvent(
+        eventId,
+        user.username,
+        fortyTwoAccount?.username || null,
+      );
+
+      if (!isWhitelisted) {
+        throw new UnauthorizedException(
+          "You are not whitelisted for this private event.",
+        );
+      }
+    }
+
     this.logger.log({ action: "attempt_join_event", userId, eventId });
 
     return this.userService.joinEvent(userId, eventId);
@@ -377,4 +400,79 @@ export class EventController {
     });
     return this.eventService.deleteStarterTemplate(eventId, templateId);
   }
+
+  @UseGuards(JwtAuthGuard)
+  @Get(":id/whitelist")
+  async getWhitelist(
+    @Param("id", new ParseUUIDPipe()) eventId: string,
+    @UserId() userId: string,
+  ) {
+    if (!(await this.eventService.isEventAdmin(eventId, userId))) {
+      throw new UnauthorizedException("You are not an admin of this event");
+    }
+    return this.eventService.getWhitelist(eventId);
+  }
+
+  @UseGuards(JwtAuthGuard)
+  @Post(":id/whitelist")
+  async addToWhitelist(
+    @Param("id", new ParseUUIDPipe()) eventId: string,
+    @UserId() userId: string,
+    @Body() body: AddToWhitelistDto,
+  ) {
+    if (!(await this.eventService.isEventAdmin(eventId, userId))) {
+      throw new UnauthorizedException("You are not an admin of this event");
+    }
+
+    this.logger.log({
+      action: "attempt_add_to_whitelist",
+      userId,
+      eventId,
+      entriesCount: body.entries.length,
+    });
+
+    return this.eventService.addToWhitelist(eventId, body.entries);
+  }
+
+  @UseGuards(JwtAuthGuard)
+  @Delete(":id/whitelist/:whitelistId")
+  async removeFromWhitelist(
+    @Param("id", new ParseUUIDPipe()) eventId: string,
+    @Param("whitelistId", new ParseUUIDPipe()) whitelistId: string,
+    @UserId() userId: string,
+  ) {
+    if (!(await this.eventService.isEventAdmin(eventId, userId))) {
+      throw new UnauthorizedException("You are not an admin of this event");
+    }
+
+    this.logger.log({
+      action: "attempt_remove_from_whitelist",
+      userId,
+      eventId,
+      whitelistId,
+    });
+
+    return this.eventService.removeFromWhitelist(eventId, whitelistId);
+  }
+
+  @UseGuards(JwtAuthGuard)
+  @Post(":id/whitelist/bulk-delete")
+  async bulkRemoveFromWhitelist(
+    @Param("id", new ParseUUIDPipe()) eventId: string,
+    @UserId() userId: string,
+    @Body() body: BulkDeleteWhitelistDto,
+  ) {
+    if (!(await this.eventService.isEventAdmin(eventId, userId))) {
+      throw new UnauthorizedException("You are not an admin of this event");
+    }
+
+    this.logger.log({
+      action: "attempt_bulk_remove_from_whitelist",
+      userId,
+      eventId,
+      idsCount: body.ids.length,
+    });
+
+    return this.eventService.bulkRemoveFromWhitelist(eventId, body.ids);
+  }
 }
diff --git a/api/src/event/event.module.ts b/api/src/event/event.module.ts
index 799c1896..2b876cc8 100644
--- a/api/src/event/event.module.ts
+++ b/api/src/event/event.module.ts
@@ -9,6 +9,7 @@ import { UserEventPermissionEntity } from "../user/entities/user.entity";
 import { CheckController } from "./check.controller";
 
 import { EventStarterTemplateEntity } from "./entities/event-starter-template.entity";
+import { EventWhitelistEntity } from "./entities/event-whitelist.entity";
 
 @Module({
   imports: [
@@ -16,6 +17,7 @@ import { EventStarterTemplateEntity } from "./entities/event-starter-template.en
       EventEntity,
       UserEventPermissionEntity,
       EventStarterTemplateEntity,
+      EventWhitelistEntity,
     ]),
     UserModule,
     forwardRef(() => TeamModule),
diff --git a/api/src/event/event.service.ts b/api/src/event/event.service.ts
index fbf59aab..cffd0ee3 100644
--- a/api/src/event/event.service.ts
+++ b/api/src/event/event.service.ts
@@ -10,8 +10,10 @@ import {
 import { InjectRepository } from "@nestjs/typeorm";
 import { EventEntity } from "./entities/event.entity";
 import { EventStarterTemplateEntity } from "./entities/event-starter-template.entity";
+import { EventWhitelistEntity } from "./entities/event-whitelist.entity";
 import {
   DataSource,
+  In,
   IsNull,
   LessThanOrEqual,
   MoreThanOrEqual,
@@ -29,6 +31,7 @@ import { FindOptionsRelations } from "typeorm/find-options/FindOptionsRelations"
 import { Cron, CronExpression } from "@nestjs/schedule";
 import { EventVersionDto } from "./dtos/eventVersionDto";
 import { LockKeys } from "../constants";
+import { WhitelistPlatform } from "./entities/event-whitelist.entity";
 
 @Injectable()
 export class EventService {
@@ -39,6 +42,8 @@ export class EventService {
     private readonly permissionRepository: Repository<UserEventPermissionEntity>,
     @InjectRepository(EventStarterTemplateEntity)
     private readonly templateRepository: Repository<EventStarterTemplateEntity>,
+    @InjectRepository(EventWhitelistEntity)
+    private readonly whitelistRepository: Repository<EventWhitelistEntity>,
     private readonly configService: ConfigService,
     @Inject(forwardRef(() => TeamService))
     private readonly teamService: TeamService,
@@ -666,4 +671,143 @@ export class EventService {
       canCreateTeam: true,
     });
   }
+
+  async getWhitelist(eventId: string): Promise<EventWhitelistEntity[]> {
+    return this.whitelistRepository.find({
+      where: { event: { id: eventId } },
+      order: { createdAt: "DESC" },
+    });
+  }
+
+  async addToWhitelist(
+    eventId: string,
+    entries: { username: string; platform: WhitelistPlatform }[],
+  ): Promise<EventWhitelistEntity[]> {
+    const event = await this.getEventById(eventId);
+    const normalizedEntries = entries.map((entry) => ({
+      username: entry.username.toLowerCase(),
+      platform: entry.platform,
+    }));
+
+    const uniqueInputEntries = [
+      ...new Map(
+        normalizedEntries.map((e) => [`${e.username}:${e.platform}`, e]),
+      ).values(),
+    ];
+
+    const existingEntries = await this.whitelistRepository.find({
+      where: {
+        event: { id: eventId },
+      },
+    });
+
+    const existingSet = new Set(
+      existingEntries.map((e) => `${e.username}:${e.platform}`),
+    );
+
+    const newEntries = uniqueInputEntries.filter(
+      (entry) => !existingSet.has(`${entry.username}:${entry.platform}`),
+    );
+
+    if (newEntries.length === 0) {
+      return [];
+    }
+
+    const whitelistEntries = newEntries.map((entry) =>
+      this.whitelistRepository.create({
+        event,
+        username: entry.username,
+        platform: entry.platform,
+      }),
+    );
+
+    return this.whitelistRepository.save(whitelistEntries);
+  }
+
+  async removeFromWhitelist(
+    eventId: string,
+    whitelistId: string,
+  ): Promise<void> {
+    await this.whitelistRepository.delete({
+      id: whitelistId,
+      event: { id: eventId },
+    });
+  }
+
+  async bulkRemoveFromWhitelist(
+    eventId: string,
+    ids: string[],
+  ): Promise<void> {
+    await this.whitelistRepository.delete({
+      id: In(ids),
+      event: { id: eventId },
+    });
+  }
+
+  async hasWhitelist(eventId: string): Promise<boolean> {
+    return this.whitelistRepository.existsBy({
+      event: { id: eventId },
+    });
+  }
+
+  async isUserWhitelisted(
+    eventId: string,
+    githubUsername: string,
+    fortyTwoUsername: string | null,
+  ): Promise<boolean> {
+    const conditions: { username: string; platform: WhitelistPlatform }[] = [
+      { username: githubUsername.toLowerCase(), platform: WhitelistPlatform.GITHUB },
+    ];
+
+    if (fortyTwoUsername) {
+      conditions.push({
+        username: fortyTwoUsername.toLowerCase(),
+        platform: WhitelistPlatform.FORTYTWO,
+      });
+    }
+
+    return this.whitelistRepository.existsBy({
+      event: { id: eventId },
+      ...conditions.reduce(
+        (acc, cond, idx) => {
+          if (idx === 0) {
+            return { username: cond.username, platform: cond.platform };
+          }
+          return acc;
+        },
+        {} as { username?: string; platform?: WhitelistPlatform },
+      ),
+    });
+  }
+
+  async isUserWhitelistedForEvent(
+    eventId: string,
+    githubUsername: string,
+    fortyTwoUsername: string | null,
+  ): Promise<boolean> {
+    const hasWhitelist = await this.hasWhitelist(eventId);
+    if (!hasWhitelist) {
+      return true;
+    }
+
+    const queryBuilder = this.whitelistRepository
+      .createQueryBuilder("whitelist")
+      .where("whitelist.eventId = :eventId", { eventId })
+      .andWhere(
+        "(whitelist.username = :githubUsername AND whitelist.platform = :githubPlatform)",
+        { githubUsername: githubUsername.toLowerCase(), githubPlatform: WhitelistPlatform.GITHUB },
+      );
+
+    if (fortyTwoUsername) {
+      queryBuilder.orWhere(
+        "(whitelist.username = :fortyTwoUsername AND whitelist.platform = :fortyTwoPlatform)",
+        {
+          fortyTwoUsername: fortyTwoUsername.toLowerCase(),
+          fortyTwoPlatform: WhitelistPlatform.FORTYTWO,
+        },
+      );
+    }
+
+    return queryBuilder.getExists();
+  }
 }
diff --git a/api/src/user/user.service.ts b/api/src/user/user.service.ts
index 7b1f47ed..3c9b0aa4 100644
--- a/api/src/user/user.service.ts
+++ b/api/src/user/user.service.ts
@@ -111,8 +111,9 @@ export class UserService {
   }
 
   getUserById(userId: string) {
-    return this.userRepository.findOneByOrFail({
-      id: userId,
+    return this.userRepository.findOneOrFail({
+      where: { id: userId },
+      relations: ["socialAccounts"],
     });
   }
 
diff --git a/frontend/app/actions/event.ts b/frontend/app/actions/event.ts
index da4cb41f..672d7f6c 100644
--- a/frontend/app/actions/event.ts
+++ b/frontend/app/actions/event.ts
@@ -91,9 +91,8 @@ export async function getParticipantsCountForEvent(
 }
 
 // Join a user to an event
-export async function joinEvent(eventId: string): Promise<boolean> {
-  await axiosInstance.put(`event/${eventId}/join`);
-  return true;
+export async function joinEvent(eventId: string): Promise<ServerActionResponse<boolean>> {
+  return await handleError(axiosInstance.put(`event/${eventId}/join`));
 }
 
 // Interface for creating events
@@ -243,3 +242,43 @@ export async function deleteStarterTemplate(
     axiosInstance.delete(`event/${eventId}/templates/${templateId}`),
   );
 }
+
+export interface WhitelistEntry {
+  id: string;
+  username: string;
+  platform: "GITHUB" | "FORTYTWO";
+  createdAt: string;
+}
+
+export async function getEventWhitelist(
+  eventId: string,
+): Promise<ServerActionResponse<WhitelistEntry[]>> {
+  return await handleError(axiosInstance.get(`event/${eventId}/whitelist`));
+}
+
+export async function addToWhitelist(
+  eventId: string,
+  entries: { username: string; platform: "GITHUB" | "FORTYTWO" }[],
+): Promise<ServerActionResponse<WhitelistEntry[]>> {
+  return await handleError(
+    axiosInstance.post(`event/${eventId}/whitelist`, { entries }),
+  );
+}
+
+export async function removeFromWhitelist(
+  eventId: string,
+  whitelistId: string,
+): Promise<ServerActionResponse<void>> {
+  return await handleError(
+    axiosInstance.delete(`event/${eventId}/whitelist/${whitelistId}`),
+  );
+}
+
+export async function bulkRemoveFromWhitelist(
+  eventId: string,
+  ids: string[],
+): Promise<ServerActionResponse<void>> {
+  return await handleError(
+    axiosInstance.post(`event/${eventId}/whitelist/bulk-delete`, { ids }),
+  );
+}
diff --git a/frontend/app/events/[id]/dashboard/components/WhitelistManagement.tsx b/frontend/app/events/[id]/dashboard/components/WhitelistManagement.tsx
new file mode 100644
index 00000000..93ea5e6a
--- /dev/null
+++ b/frontend/app/events/[id]/dashboard/components/WhitelistManagement.tsx
@@ -0,0 +1,280 @@
+"use client";
+
+import { useMutation, useQuery, useQueryClient } from "@tanstack/react-query";
+import { Loader2, Trash2 } from "lucide-react";
+import { useState } from "react";
+import { toast } from "sonner";
+import { isActionError } from "@/app/actions/errors";
+import {
+  addToWhitelist,
+  bulkRemoveFromWhitelist,
+  getEventWhitelist,
+  removeFromWhitelist,
+} from "@/app/actions/event";
+import { Badge } from "@/components/ui/badge";
+import { Button } from "@/components/ui/button";
+import {
+  Card,
+  CardContent,
+  CardDescription,
+  CardHeader,
+  CardTitle,
+} from "@/components/ui/card";
+import { Checkbox } from "@/components/ui/checkbox";
+import { Label } from "@/components/ui/label";
+import {
+  Select,
+  SelectContent,
+  SelectItem,
+  SelectTrigger,
+  SelectValue,
+} from "@/components/ui/select";
+import {
+  Table,
+  TableBody,
+  TableCell,
+  TableHead,
+  TableHeader,
+  TableRow,
+} from "@/components/ui/table";
+import { Textarea } from "@/components/ui/textarea";
+
+interface WhitelistManagementProps {
+  eventId: string;
+}
+
+export function WhitelistManagement({ eventId }: WhitelistManagementProps) {
+  const queryClient = useQueryClient();
+  const [usernames, setUsernames] = useState("");
+  const [platform, setPlatform] = useState<"GITHUB" | "FORTYTWO">("GITHUB");
+  const [selectedIds, setSelectedIds] = useState<Set<string>>(new Set());
+
+  const { data: whitelist = [], isLoading } = useQuery({
+    queryKey: ["event", eventId, "whitelist"],
+    queryFn: async () => {
+      const result = await getEventWhitelist(eventId);
+      if (isActionError(result))
+        throw new Error(result.error);
+      return result;
+    },
+  });
+
+  const addMutation = useMutation({
+    mutationFn: async (entries: { username: string; platform: "GITHUB" | "FORTYTWO" }[]) => {
+      const result = await addToWhitelist(eventId, entries);
+      if (isActionError(result))
+        throw new Error(result.error);
+      return result;
+    },
+    onSuccess: () => {
+      toast.success("Users added to whitelist");
+      setUsernames("");
+      queryClient.invalidateQueries({ queryKey: ["event", eventId, "whitelist"] });
+    },
+    onError: (e: any) => toast.error(e.message),
+  });
+
+  const removeMutation = useMutation({
+    mutationFn: async (whitelistId: string) => {
+      const result = await removeFromWhitelist(eventId, whitelistId);
+      if (isActionError(result))
+        throw new Error(result.error);
+      return result;
+    },
+    onSuccess: () => {
+      toast.success("User removed from whitelist");
+      queryClient.invalidateQueries({ queryKey: ["event", eventId, "whitelist"] });
+    },
+    onError: (e: any) => toast.error(e.message),
+  });
+
+  const bulkRemoveMutation = useMutation({
+    mutationFn: async (ids: string[]) => {
+      const result = await bulkRemoveFromWhitelist(eventId, ids);
+      if (isActionError(result))
+        throw new Error(result.error);
+      return result;
+    },
+    onSuccess: () => {
+      toast.success("Users removed from whitelist");
+      setSelectedIds(new Set());
+      queryClient.invalidateQueries({ queryKey: ["event", eventId, "whitelist"] });
+    },
+    onError: (e: any) => toast.error(e.message),
+  });
+
+  const handleAdd = () => {
+    const lines = usernames
+      .split("\n")
+      .map(line => line.trim().toLowerCase())
+      .filter(line => line.length > 0);
+
+    if (lines.length === 0) {
+      toast.error("Please enter at least one username");
+      return;
+    }
+
+    const entries = lines.map(username => ({ username, platform }));
+    addMutation.mutate(entries);
+  };
+
+  const toggleSelect = (id: string) => {
+    const newSelected = new Set(selectedIds);
+    if (newSelected.has(id)) {
+      newSelected.delete(id);
+    }
+    else {
+      newSelected.add(id);
+    }
+    setSelectedIds(newSelected);
+  };
+
+  const toggleSelectAll = () => {
+    if (selectedIds.size === whitelist.length) {
+      setSelectedIds(new Set());
+    }
+    else {
+      setSelectedIds(new Set(whitelist.map(w => w.id)));
+    }
+  };
+
+  const handleBulkDelete = () => {
+    if (selectedIds.size === 0) {
+      toast.error("Please select users to delete");
+      return;
+    }
+    bulkRemoveMutation.mutate(Array.from(selectedIds));
+  };
+
+  return (
+    <Card>
+      <CardHeader>
+        <CardTitle>Whitelist</CardTitle>
+        <CardDescription>
+          Manage which users can join this private event. If the whitelist is empty, anyone with the link can join.
+        </CardDescription>
+      </CardHeader>
+      <CardContent className="space-y-6">
+        {isLoading
+          ? (
+              <div className="flex justify-center p-4">
+                <Loader2 className="h-6 w-6 animate-spin" />
+              </div>
+            )
+          : (
+              <>
+                <div className="rounded-md border">
+                  <Table>
+                    <TableHeader>
+                      <TableRow>
+                        <TableHead className="w-12.5">
+                          <Checkbox
+                            checked={whitelist.length > 0 && selectedIds.size === whitelist.length}
+                            onCheckedChange={toggleSelectAll}
+                          />
+                        </TableHead>
+                        <TableHead>Username</TableHead>
+                        <TableHead>Platform</TableHead>
+                        <TableHead className="w-25 text-right">Actions</TableHead>
+                      </TableRow>
+                    </TableHeader>
+                    <TableBody>
+                      {whitelist.length === 0
+                        ? (
+                            <TableRow>
+                              <TableCell colSpan={4} className="p-8 text-center text-muted-foreground">
+                                No users whitelisted. Anyone with the event link can join.
+                              </TableCell>
+                            </TableRow>
+                          )
+                        : (
+                            whitelist.map(entry => (
+                              <TableRow key={entry.id}>
+                                <TableCell>
+                                  <Checkbox
+                                    checked={selectedIds.has(entry.id)}
+                                    onCheckedChange={() => toggleSelect(entry.id)}
+                                  />
+                                </TableCell>
+                                <TableCell className="font-mono">{entry.username}</TableCell>
+                                <TableCell>
+                                  <Badge variant={entry.platform === "GITHUB" ? "default" : "secondary"}>
+                                    {entry.platform === "GITHUB" ? "GitHub" : "42"}
+                                  </Badge>
+                                </TableCell>
+                                <TableCell className="text-right">
+                                  <Button
+                                    size="icon"
+                                    variant="ghost"
+                                    className="h-8 w-8 text-destructive hover:bg-destructive/10 hover:text-destructive"
+                                    onClick={() => removeMutation.mutate(entry.id)}
+                                    disabled={removeMutation.isPending}
+                                  >
+                                    <Trash2 className="h-4 w-4" />
+                                  </Button>
+                                </TableCell>
+                              </TableRow>
+                            ))
+                          )}
+                    </TableBody>
+                  </Table>
+                </div>
+
+                {whitelist.length > 0 && selectedIds.size > 0 && (
+                  <div className="flex items-center gap-2">
+                    <Button
+                      variant="destructive"
+                      size="sm"
+                      onClick={handleBulkDelete}
+                      disabled={bulkRemoveMutation.isPending}
+                    >
+                      {bulkRemoveMutation.isPending && <Loader2 className="mr-2 h-4 w-4 animate-spin" />}
+                      Delete Selected (
+                      {selectedIds.size}
+                      )
+                    </Button>
+                  </div>
+                )}
+
+                <div className="space-y-4 rounded-lg border p-4">
+                  <h3 className="font-medium">Add Users to Whitelist</h3>
+                  <div className="grid gap-4">
+                    <div className="space-y-2">
+                      <Label htmlFor="usernames">Usernames (one per line)</Label>
+                      <Textarea
+                        id="usernames"
+                        placeholder={`username1
+username2
+username3`}
+                        value={usernames}
+                        onChange={e => setUsernames(e.target.value)}
+                        rows={4}
+                      />
+                    </div>
+                    <div className="space-y-2">
+                      <Label htmlFor="platform">Platform</Label>
+                      <Select value={platform} onValueChange={(v: "GITHUB" | "FORTYTWO") => setPlatform(v)}>
+                        <SelectTrigger id="platform">
+                          <SelectValue />
+                        </SelectTrigger>
+                        <SelectContent>
+                          <SelectItem value="GITHUB">GitHub</SelectItem>
+                          <SelectItem value="FORTYTWO">42 Intra</SelectItem>
+                        </SelectContent>
+                      </Select>
+                    </div>
+                    <Button
+                      onClick={handleAdd}
+                      disabled={addMutation.isPending || !usernames.trim()}
+                    >
+                      {addMutation.isPending && <Loader2 className="mr-2 h-4 w-4 animate-spin" />}
+                      Add to Whitelist
+                    </Button>
+                  </div>
+                </div>
+              </>
+            )}
+      </CardContent>
+    </Card>
+  );
+}
diff --git a/frontend/app/events/[id]/dashboard/dashboard.tsx b/frontend/app/events/[id]/dashboard/dashboard.tsx
index 382c7ede..4d575489 100644
--- a/frontend/app/events/[id]/dashboard/dashboard.tsx
+++ b/frontend/app/events/[id]/dashboard/dashboard.tsx
@@ -70,6 +70,7 @@ import { Textarea } from "@/components/ui/textarea";
 import { useTabParam } from "@/hooks/useTabParam";
 import { cn } from "@/lib/utils";
 import { StarterTemplatesManagement } from "./components/StarterTemplatesManagement";
+import { WhitelistManagement } from "./components/WhitelistManagement";
 
 interface DashboardPageProps {
   eventId: string;
@@ -428,6 +429,7 @@ export function DashboardPage({ eventId }: DashboardPageProps) {
           <TabsTrigger value="operation">Operation</TabsTrigger>
           <TabsTrigger value="settings">Settings</TabsTrigger>
           <TabsTrigger value="admins">Admins</TabsTrigger>
+          <TabsTrigger value="whitelist">Whitelist</TabsTrigger>
         </TabsList>
 
         <TabsContent value="overview" className="space-y-6">
@@ -1305,6 +1307,10 @@ export function DashboardPage({ eventId }: DashboardPageProps) {
             </CardContent>
           </Card>
         </TabsContent>
+
+        <TabsContent value="whitelist" className="space-y-6">
+          <WhitelistManagement eventId={eventId} />
+        </TabsContent>
       </Tabs>
     </div>
   );
diff --git a/frontend/components/event-info-notice.tsx b/frontend/components/event-info-notice.tsx
index 38f41912..c3eb1f87 100644
--- a/frontend/components/event-info-notice.tsx
+++ b/frontend/components/event-info-notice.tsx
@@ -2,7 +2,10 @@
 import { useMutation, useQueryClient } from "@tanstack/react-query";
 import { useRouter } from "next/navigation";
 import { useEffect, useRef, useState } from "react";
+import { toast } from "sonner";
+import { isActionError } from "@/app/actions/errors";
 import { joinEvent } from "@/app/actions/event";
+import { myTeamQueryKey } from "@/app/events/[id]/my-team/queries";
 import { Badge } from "@/components/ui/badge";
 import { Button } from "@/components/ui/button";
 
@@ -57,12 +60,22 @@ export default function EventInfoNotice({
   const timeLeftMs = startsAt.getTime() - now.getTime();
 
   const joinEventMutation = useMutation({
-    mutationFn: () => joinEvent(eventId),
+    mutationFn: async () => {
+      const result = await joinEvent(eventId);
+      if (isActionError(result)) {
+        throw new Error(result.error);
+      }
+      return result;
+    },
     onSuccess: () => {
+      toast.success("Successfully joined the event!");
       queryClient.invalidateQueries({ queryKey: ["event", eventId] });
-      queryClient.invalidateQueries({ queryKey: ["myTeam", eventId] });
+      queryClient.invalidateQueries({ queryKey: myTeamQueryKey(eventId) });
       router.refresh();
     },
+    onError: (error: Error) => {
+      toast.error(error.message || "Failed to join event");
+    },
   });
 
   if (!showJoinButton && hasStarted) {
diff --git a/frontend/components/ui/checkbox.tsx b/frontend/components/ui/checkbox.tsx
new file mode 100644
index 00000000..6ce1ddea
--- /dev/null
+++ b/frontend/components/ui/checkbox.tsx
@@ -0,0 +1,30 @@
+"use client";
+
+import * as CheckboxPrimitive from "@radix-ui/react-checkbox";
+import { Check } from "lucide-react";
+import * as React from "react";
+
+import { cn } from "@/lib/utils";
+
+const Checkbox = React.forwardRef<
+  React.ElementRef<typeof CheckboxPrimitive.Root>,
+  React.ComponentPropsWithoutRef<typeof CheckboxPrimitive.Root>
+>(({ className, ...props }, ref) => (
+  <CheckboxPrimitive.Root
+    ref={ref}
+    className={cn(
+      "grid place-content-center peer h-4 w-4 shrink-0 rounded-sm border border-primary shadow focus-visible:outline-none focus-visible:ring-1 focus-visible:ring-ring disabled:cursor-not-allowed disabled:opacity-50 data-[state=checked]:bg-primary data-[state=checked]:text-primary-foreground",
+      className,
+    )}
+    {...props}
+  >
+    <CheckboxPrimitive.Indicator
+      className={cn("grid place-content-center text-current")}
+    >
+      <Check className="h-4 w-4" />
+    </CheckboxPrimitive.Indicator>
+  </CheckboxPrimitive.Root>
+));
+Checkbox.displayName = CheckboxPrimitive.Root.displayName;
+
+export { Checkbox };
diff --git a/frontend/package.json b/frontend/package.json
index 2d4b0fcb..46907fc7 100644
--- a/frontend/package.json
+++ b/frontend/package.json
@@ -16,6 +16,7 @@
     "@internationalized/date": "^3.11.0",
     "@radix-ui/react-accordion": "^1.2.12",
     "@radix-ui/react-avatar": "^1.1.11",
+    "@radix-ui/react-checkbox": "^1.3.3",
     "@radix-ui/react-dialog": "^1.1.15",
     "@radix-ui/react-dropdown-menu": "^2.1.16",
     "@radix-ui/react-label": "^2.1.8",
diff --git a/frontend/pnpm-lock.yaml b/frontend/pnpm-lock.yaml
index e19a578b..d3cfeb04 100644
--- a/frontend/pnpm-lock.yaml
+++ b/frontend/pnpm-lock.yaml
@@ -20,6 +20,9 @@ importers:
       '@radix-ui/react-avatar':
         specifier: ^1.1.11
         version: 1.1.11(@types/react-dom@19.2.3(@types/react@19.2.14))(@types/react@19.2.14)(react-dom@19.2.4(react@19.2.4))(react@19.2.4)
+      '@radix-ui/react-checkbox':
+        specifier: ^1.3.3
+        version: 1.3.3(@types/react-dom@19.2.3(@types/react@19.2.14))(@types/react@19.2.14)(react-dom@19.2.4(react@19.2.4))(react@19.2.4)
       '@radix-ui/react-dialog':
         specifier: ^1.1.15
         version: 1.1.15(@types/react-dom@19.2.3(@types/react@19.2.14))(@types/react@19.2.14)(react-dom@19.2.4(react@19.2.4))(react@19.2.4)
@@ -837,6 +840,19 @@ packages:
       '@types/react-dom':
         optional: true
 
+  '@radix-ui/react-checkbox@1.3.3':
+    resolution: {integrity: sha512-wBbpv+NQftHDdG86Qc0pIyXk5IR3tM8Vd0nWLKDcX8nNn4nXFOFwsKuqw2okA/1D/mpaAkmuyndrPJTYDNZtFw==}
+    peerDependencies:
+      '@types/react': '*'
+      '@types/react-dom': '*'
+      react: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc
+      react-dom: ^16.8 || ^17.0 || ^18.0 || ^19.0 || ^19.0.0-rc
+    peerDependenciesMeta:
+      '@types/react':
+        optional: true
+      '@types/react-dom':
+        optional: true
+
   '@radix-ui/react-collapsible@1.1.12':
     resolution: {integrity: sha512-Uu+mSh4agx2ib1uIGPP4/CKNULyajb3p92LsVXmH2EHVMTfZWpll88XJ0j4W0z3f8NK1eYl1+Mf/szHPmcHzyA==}
     peerDependencies:
@@ -4417,6 +4433,22 @@ snapshots:
       '@types/react': 19.2.14
       '@types/react-dom': 19.2.3(@types/react@19.2.14)
 
+  '@radix-ui/react-checkbox@1.3.3(@types/react-dom@19.2.3(@types/react@19.2.14))(@types/react@19.2.14)(react-dom@19.2.4(react@19.2.4))(react@19.2.4)':
+    dependencies:
+      '@radix-ui/primitive': 1.1.3
+      '@radix-ui/react-compose-refs': 1.1.2(@types/react@19.2.14)(react@19.2.4)
+      '@radix-ui/react-context': 1.1.2(@types/react@19.2.14)(react@19.2.4)
+      '@radix-ui/react-presence': 1.1.5(@types/react-dom@19.2.3(@types/react@19.2.14))(@types/react@19.2.14)(react-dom@19.2.4(react@19.2.4))(react@19.2.4)
+      '@radix-ui/react-primitive': 2.1.3(@types/react-dom@19.2.3(@types/react@19.2.14))(@types/react@19.2.14)(react-dom@19.2.4(react@19.2.4))(react@19.2.4)
+      '@radix-ui/react-use-controllable-state': 1.2.2(@types/react@19.2.14)(react@19.2.4)
+      '@radix-ui/react-use-previous': 1.1.1(@types/react@19.2.14)(react@19.2.4)
+      '@radix-ui/react-use-size': 1.1.1(@types/react@19.2.14)(react@19.2.4)
+      react: 19.2.4
+      react-dom: 19.2.4(react@19.2.4)
+    optionalDependencies:
+      '@types/react': 19.2.14
+      '@types/react-dom': 19.2.3(@types/react@19.2.14)
+
   '@radix-ui/react-collapsible@1.1.12(@types/react-dom@19.2.3(@types/react@19.2.14))(@types/react@19.2.14)(react-dom@19.2.4(react@19.2.4))(react@19.2.4)':
     dependencies:
       '@radix-ui/primitive': 1.1.3