Hello,
Just to share if anyone has the same issue.
We just got an answer from MS support about this. Here is the answer we got:
Apps can apply label of a file when the file was last modified by or authored by a user with a valid email or if the site owner has a valid email address. If a file is allowed to be labelled in such a situation, the file can get into a state where only the tenant admin can change the label of file for certain label configurations. To avoid such situations, the operation is blocked.
In our case, the file last modified by was an old account (no email) and the site Owner was the SharePoint administrator group. (the site owner here is the one you got with the command "Get-SPOSite -Identity https://siteurl | select Owner" so the site collection primary admin or the Group owner)
As a workaround, we assign a valid user as the site primary admin before calling this graph API endpoint.
Hope this help.
Aurélien