You will probably need to set security to enable the groups access
When the setting is Microsoft Graph API, the Azure Entra App definition needs to be granted the access to the API.
1) In the Azure Portal for your organization, start by navigating to your OpenID application using app registrations:
2) Then click on your app--
3) Then Click on Api Permissions
4) If the Group.Read.All permission for Type Application is not listed, click on Add Permission:
5) Select Microsoft Graph -
6) Then Application Permissions
7) Open Group and Select Group.Read.All
8) Click on Add Permissions and THEN very important, you will probably need to
9) Click on "Grant Admin Consent" for your organization
