Please check if any ancestor project has default role allowing to access them. If not, check the default login group in administration / security setting.

Hello thanks for your reply!

The root projects all have the default role set at the same Nothing role:

As per suggestion, I have made a new group as the default with the following settings:

However when I go on an incognito tab I can still see all the projects:

I did some further testing myself and interestingly enough if I make a project that has no default role it doesn't show up anywhere and is truly private. But once I said the role to "nothing" it appears as an empty project again:

Is this intentional behaviour? I guess it's fixed from my part because I can set it as no default role for now but I'm wondering if this is a bug

This is expected behavior. When a project is associated with a role, it will get minimum permission which is issue browsing and opening. Since your projects do not have issues, it displays nothing.

However, it seems that a child project cannot be set as "no default role", so a public project cannot have a truly private child project by setting the role to nothing. Is there any way to make a child project truly private?

After clicking the "X", the default role will be set to "Inherit from parent"

This is expected behavior. The effective permissions of a project is union of permissions from all sources, including inherited and self-defined.

So it is impossible to make a child private if any of its parent is public.

So it is impossible to make a child private if any of its parent is public.

Is it possible to add some methods to easily and freely set a project as truly private in future versions?

I am afraid this may not be implemented in the near future, as many tree operations in OneDev are based on this assumption.