Admin actions are defined, but you are not allowed to upload token files

I can not upload tokens with the local admin account, created on setup.
I found a few mentions of this, related to policy files. This is my (short) list.

pi-manage policy list

Active Name Scope

True enroll_tokenlabel enrollment
True webui1 webui
True webui_enabletoken authentication
True hide_welcome webui
True selfservice1 user

From the server documentation:
SUPERUSER_REALM: [‘super’]

… note:: The SUPERUSER_REALM is a list of defined realms where the users
will have administrative rights when logging in to the web UI.

PI_AUDIT_POOL_SIZE: 20

PI_AUDIT_SQL_TRUNCATE: True

PI_ENGINE_REGISTRY_CLASS: shared

Local Admins

In addition to the SUPERUSER_REALM there are local administrators stored in
the database. The following administrators are defined:

The weird thing is: I had this before. It magically resolved by restarting the server (and that on a Linux).
Doesn’t solve the problem now however …

I solved it this time by disabling all my policies and then uploading. That worked, but that can hardly be the solution.

What policy blocks this? I don’t think I have anything from the admin scope …

This is a know issue.

The upload will only work, if you define an admin policy. Please note, that you need to define an admin policy with roughly all rights as first policy.

Ah, I missed that. Thank you for your reply.

I was following

Note
As long as no admin policy is defined all administrators are allowed to do everything.

from the page https://privacyidea.readthedocs.io/en/latest/policies/admin.html#admin-policies in the documentation…