Security

Security-first operations for trustworthy conference delivery.

vCongress combines modern account protection, strict role separation, and operational traceability for conference teams handling sensitive participant and submission data.

Security pillars

Identity hardening

Passkey-capable authentication, tenant OIDC/SSO, and account-security controls reduce phishing and password risk.

Role-scoped access

Organizer, employee, admin, and participant scopes keep sensitive actions constrained to intended users.

Action traceability

Notification and domain-event visibility supports investigations, quality control, and process governance.

Public/app isolation

Public marketing frontend is separated from authenticated app runtime to reduce exposure.

Safer communication controls

Recipient preview before notification dispatch helps prevent broad targeting mistakes.

Controlled financial actions

Invoice reminders, refunds, and cancellation flows are explicit platform actions with clear user context.

Tenant-owned identity configuration

Enterprise OIDC connections use tenant-specific issuers, safe secret references, claim mapping, and role allowlisting.

Participant access policy

Events can be configured for local registration, optional SSO, required SSO, or invite-only access.

Enterprise SSO without broad trust shortcuts

OIDC compatibility

vCongress supports standards-compliant OIDC discovery flows with HTTPS issuers, including Microsoft Entra ID and Keycloak-compatible providers.

Controlled role propagation

External roles are mapped or allowlisted before they become vCongress roles. Administrative roles are not blindly accepted from an identity provider.

Clear SAML boundary

SAML is not presented as existing OIDC compatibility. If required, it is scoped as a separate enterprise identity integration.

Operational audit visibility

Real-time event and action timelines help teams investigate issues faster and keep critical workflows transparent across organizer roles.

Deployment architecture benefits