If you want to add the permissions programmatically, use the appRoleAssignment endpoint: https://learn.microsoft.com/en-us/graph/api/serviceprincipal-post-approleassignedto?view=graph-rest-1.0&tabs=http
Do note that you need some highly privileged permissions to perform such operations, which is effectively the equivalent of Global admin. You will have to work with your admins to grant those permissions first, before your app is able to make changes to appRoleAssignments.