ChessClub,
The organizationAdmin role needs to be assigned to a registeredUser. Each organization needs at least one user that has the roles of organizationAdmin and registeredUser. The organizationAdmin role is not intended to be used with internal users like Admin, ApiOwner, etc. So I would suggest that you remove the role from your admin user, and add the role to your registeredUser.
Here is the list of supported account types and their domains and roles, any other combinations can result in unforeseen behavior:
Username: AccountManager
Domain: INTERNAL
Roles: accountManager
Username: Admin
Domain: INTERNAL
Roles: administrator
Username: ApiOwner
Domain: INTERNAL
Roles: apiOwner, cmsuser
Username: BusinessManager
Domain: INTERNAL
Roles: businessManager
Username: WebAdmin
Domain: INTERNAL
Roles: cmsuser, webAdmin
External users/developers should have:
Domain: LRSDEVELOPER
Roles combo1: organizationAdmin, registeredUser
Roles combo2: registeredUser
--Azad