As per documentation, the Permissions required to get the groups and directory roles are: Directory.Read.All, Directory.ReadWrite.All, Directory.AccessAsUser.All but we can retrieve the details by using User.Read permission.
To Reproduce
Steps to reproduce the behavior:
I have tested it through postman with request URL "https://graph.microsoft.com/v1.0/me/memberOf". After passing Access Token that has "scp": "openid profile User.Read email", it returned all the groups and directory roles.
https://docs.microsoft.com/en-us/graph/api/user-list-memberof?view=graph-rest-1.0&tabs=http
Is this the intended functionality?
Sourced from https://github.com/microsoftgraph/msgraph-sdk-dotnet/issues/778