Hi @Frank
Of course, if you want to call the graph API then you must use the graph API as the audience to obtain an access token, it does not support the access token obtained with your custom web API as the audience, nor does it support the authentication method of user flow/custom policy.
You must use an Azure AD-based authentication flow to obtain an access token for the graph API, for example: ROPC flow or auth code flow.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.