Hello Anns,
Thanks for reaching out!
As per the error details you shared - {"error":{"code":"ErrorAccessDenied","message":"Access is denied. Check credentials and try again."}}
it seems you are using a delegated token while trying to access other user's mailfolder messages. Delegated permissions only work with a signed-in user present (/me/mailFolders/{id}/messages)
For accessing other user's mailfolder messages (/users/{id | userPrincipalName}/mailFolders/{id}/messages), you need to use an application token with required application permissions.
In order to check the token type and the permissions token have, you can use https://jwt.ms/ to decode your token and check for scp/roles property and the permissions one of these properties has (where scp-delegated, roles-application).
You can test below Graph Endpoint in API Client like Postman with a token (application type) generated using Client Credential flow having required permissions in AAD application.
users/{user-id}/mailfolders/{mailfolder-id}/messages
Regarding the second error {"error":{"code":"MailboxNotEnabledForRESTAPI","message":"The mailbox is either inactive, soft-deleted, or is hosted on-premises"}}
it seems there is no valid M365 license assigned to an AAD user. This error can occur if the mailbox is on a dedicated Microsoft Exchange Server and is not a valid Microsoft 365 mailbox. Please note that Exchange Online mailbox and outlook calendars will only be available/created for the users with a valid M365 license.
Please refer to this similar post and documentation.
Please refer below links for better understanding about tokens, permissions and access scenarios:
Authentication and authorization basics - Microsoft Graph | Microsoft Learn
Microsoft Graph permissions reference - Microsoft Graph | Microsoft Learn
Hope this helps.
If the answer is helpful, please click Accept Answer and kindly upvote. If you have any further questions about this answer, please click Comment