c# – can’t reset password of signed in user without specific role

I have a C# application running in Azure Functions, and I need to change the password of a specific user using username/password credentials.

My app uses MSAL for authentication (https://github.com/AzureAD/microsoft-authentication-library-for-dotnet)

and, in order to authenticate with the username/password flow, this option is used: https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/wiki/Username-Password-Authentication.

I’m using the Graph API to change the password of the user (https://docs.microsoft.com/en-us/graph/api/user-update?view=graph-rest-1.0&tabs=http)

I do manage to reset the password that way, but only if I grant the user one of these built-in assign-roles:

Password Admin, Helpdesk Admin, Authentication Admin, User Admin, Privileged Authentication Admin, Global Admin

But if I don’t give the user one of those roles, it gets the following error message when trying to update the user using a PATCH request to https://graph.microsoft.com/v1.0/users/########-####-####-####-########

Message: {
  "error": {
    "code": "Authorization_RequestDenied",
    "message": "Insufficient privileges to complete the operation.",
    "innerError": {
      "date": "2021-04-07T12:56:56",
      "request-id": "########-#####-#####-#####-#####",
      "client-request-id": "########-####-####-####-########"
    }
  }
}

My problem is that I don’t want to give those permissions to any user just to change their own password, since those roles are too strong.

It doesn’t make sense to me that a user can’t change their own password with that flow, since with PowerShell it is possible, for example with Update-AzureADSignedInUserPassword, and no special roles are needed for the user. Why does the role affect it when I try to do the same operation with my flow?
Any ideas how to overcome this problem, what I’m doing wrong, or whether that is even possible in that flow?

Thanks ahead