Ahh I was using the secret id instead of application (client id) in the authentication! This definitely helped me get the bearer token.
I am running into permission into 403 error “message”: “Insufficient privileges to complete the operation.”,
I tried to run the get/users graph api but still error:
GET https://graph.microsoft.com/v1.0/users
Are there more permissions needed to be applied?