I have a web app, wants to check if the logged-in user belongs to a group so that I can control the permission of the group and users for my web app.
Checked Graph API has https://docs.microsoft.com/en-us/graph/api/group-getmembergroups?view=graph-rest-1.0&tabs=http. I think it meets my requirement.
However the api needs permission: GroupMember.Read.All, Group.Read.All, Directory.Read.All, Directory.ReadWrite.All, Directory.AccessAsUser.All. 
When I configured the permission in AAD, it tells all these permission needs Admin Consent, but I can't grant. 
So how can we get admin consent granted. If this API is not proper way to check membership, is there any other way to implement such senario?
Many thanks,
Ping