Are you perhaps trying to change the password of a privileged (admin) user? As noted in the documentation, you need to have specific roles assigned to change password (and some other properties) of admin users:
For delegated scenarios where an admin is acting on another user, the admin needs one of the following Azure AD roles:
Global Administrator
Privileged Authentication Administrator
Authentication Administrator
And also:
Updating another user's sensitive properties like businessPhones, mobilePhone, or otherMails is not allowed on users who are assigned an administrator role or who are members of a role-assignable group, even when the app is granted the User.ReadWrite.All or Directory.ReadWrite.All delegated or application permissions. For more information about who can update sensitive properties or reset passwords, see Authorization and privileges.
More detail here: https://learn.microsoft.com/en-us/graph/api/resources/users?view=graph-rest-1.0