angular microsoft-graph-api adal

Microsoft Graph 403 when not admin


I am getting 403 for a logged in user with no admin credentials when going for:

https://graph.microsoft.com/v1.0/me/memberOf

It works when I am logged in as an admin.

https://graph.microsoft.com/v1.0/me is working fine!

I have delegated permissions in Azure and accepted them as an admin via prompt=consent querystring.

Read all users' full profiles
Read all groups
Read directory data
Access directory as the signed in user

I am getting the token via this.service.acquireToken('https://graph.microsoft.com')


Solution

  • You have the correct workflow but the wrong parameters.

    prompt=consent is used to force the user to re-consent to the required scopes. Typically you would do this if your scopes have changed and you need users to re-authorize your application.

    This shouldn't be confused with prompt=admin_consent which is used when you have scopes that require an Admin's pre-approval prior to standard users authorizing your application.

    You can find more details about prompt and other query parameters in this article.
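
The difference between the two prompt values, plus a way to see which scopes a given access token actually carries, as an added example that is not part of the original answer or any Microsoft sample. The scope identifiers are mapped from the permission names in the question, and the tenant, client id, redirect URI and sample token are constructed placeholders.

```javascript
// Scope identifiers for the four delegated permissions listed in the question
// (mapped from the portal display names; an assumption of this example).
const REQUESTED_SCOPES = [
  'User.Read.All',              // Read all users' full profiles
  'Group.Read.All',             // Read all groups
  'Directory.Read.All',         // Read directory data
  'Directory.AccessAsUser.All', // Access directory as the signed in user
];

// Azure AD v1 authorize URL. adminConsent=true sends prompt=admin_consent (an
// admin approves for the whole tenant); false sends prompt=consent (re-consent
// for the signing-in user only). All argument values are placeholders.
function buildAuthorizeUrl({ tenant, clientId, redirectUri, adminConsent }) {
  const query = new URLSearchParams({
    client_id: clientId,
    response_type: 'code',
    redirect_uri: redirectUri,
    prompt: adminConsent ? 'admin_consent' : 'consent',
  });
  return `https://login.microsoftonline.com/${encodeURIComponent(tenant)}/oauth2/authorize?${query}`;
}

// Decode the JWT payload for diagnosis only; the signature is NOT verified.
function decodeJwtPayload(token) {
  const parts = token.split('.');
  if (parts.length !== 3) throw new Error('expected header.payload.signature');
  const b64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');
  return JSON.parse(Buffer.from(b64, 'base64').toString('utf8'));
}

// Scopes the app asked for that are absent from the token's space-separated scp claim.
function missingScopes(token, required = REQUESTED_SCOPES) {
  const scp = String(decodeJwtPayload(token).scp || '').toLowerCase();
  const granted = new Set(scp.split(/\s+/).filter(Boolean));
  return required.filter((s) => !granted.has(s.toLowerCase()));
}

// Constructed, unsigned sample token so the example runs offline.
const b64url = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64')
  .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
const sampleToken = (scp) =>
  [b64url({ alg: 'none' }), b64url({ aud: 'https://graph.microsoft.com', scp }), 'x'].join('.');

console.log(missingScopes(sampleToken('User.Read')));
console.log(buildAuthorizeUrl({ tenant: 'common', clientId: 'CLIENT_ID_PLACEHOLDER',
  redirectUri: 'https://localhost/', adminConsent: true }));
```

Running missingScopes on the token a non-admin user receives shows whether the admin-only scopes made it into the scp claim.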