How to allow external access to a private Azure DevOps NuGet feed

The situation is as follows:

• DevOps Org A maintains a private NuGet feed
• DevOps Org B needs to use packages from the above feed within its Pipelines

Current solution involves:

• adding a user U from Org B as a guest in Org A DevOps with Stakeholder role
• creating PAT for user U in Org A with just Packaging -> Read scope
• using the PAT to register a service connection for the feed in Org B
• using NuGetAuthenticate task in Org B Pipeline before the NuGetCommand restore task

The issue is that user U can log in to Org A's DevOps and view boards, work items, members, etc

The question is how to restrict access so that the only thing that anyone from Org B can do is restore packages from Org A's feed and nothing else?

I have set every permission to Deny on user U's Permissions screen in Org A's DevOps.

As soon as I set View project-level information to Deny, the pipeline in Org B fails with a 404 (Not Found - VS800075: The project with id 'vstfs:///Classification/TeamProject/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx' does not exist, or you do not have permission to access it. error.