Are you using client credentials flow?

Try with this script and modify client id/secret, user/group id

var clientId = '';
var clientSecret = '';
var tenantId = '';

var tokenUrl = 'https://login.microsoftonline.com/' + tenantId + '/oauth2/v2.0/token';

var rm = new sn_ws.RESTMessageV2();
rm.setHttpMethod('POST');
rm.setEndpoint(tokenUrl);

var requestBody = 'grant_type=client_credentials' +
    '&client_id=' + clientId +
    '&client_secret=' + clientSecret +
    '&scope=https://graph.microsoft.com/.default';

rm.setRequestBody(requestBody);
rm.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');

var response = rm.execute();
var responseBody = response.getBody();
var statusCode = response.getStatusCode();

if (statusCode == 200) {
    var responseObj = JSON.parse(responseBody);
    var accessToken = responseObj.access_token;

    // Step 1: Get the user's object ID from UPN
    var userUPN = 'your_user_id';
    var userLookup = new sn_ws.RESTMessageV2();
    userLookup.setHttpMethod('GET');
    userLookup.setEndpoint('https://graph.microsoft.com/v1.0/users/' + encodeURIComponent(userUPN));
    userLookup.setRequestHeader('Authorization', 'Bearer ' + accessToken);
    userLookup.setRequestHeader('Content-Type', 'application/json');

    var userResponse = userLookup.execute();
    var userStatus = userResponse.getStatusCode();

    if (userStatus == 200) {
        var userObj = JSON.parse(userResponse.getBody());
        var userId = userObj.id;
		gs.info('userId '+userId);

        // Step 2: Add user to the group
        var groupId = 'group_id';
        var addUser = new sn_ws.RESTMessageV2();
        addUser.setHttpMethod('POST');
        addUser.setEndpoint('https://graph.microsoft.com/v1.0/groups/' + groupId + '/members/$ref');
        addUser.setRequestHeader('Authorization', 'Bearer ' + accessToken);
        addUser.setRequestHeader('Content-Type', 'application/json');

        var payload = JSON.stringify({
            "@odata.id": "https://graph.microsoft.com/v1.0/directoryObjects/" + userId
        });

        addUser.setRequestBody(payload);
        var addResponse = addUser.execute();
        var addStatus = addResponse.getStatusCode();

        if (addStatus == 204) {
            gs.info('User successfully added to group.');
        } else {
            gs.error('Failed to add user. Status: ' + addStatus + ', Response: ' + addResponse.getBody());
        }

    } else {
        gs.error('Failed to retrieve user. Status: ' + userStatus + ', Response: ' + userResponse.getBody());
    }

} else {
    gs.error('Failed to obtain access token. Status: ' + statusCode + ', Response: ' + responseBody);
}