Wipe Managed Device

Required Permission

Action Area:		Required Permission:	Helpdesk Permissions Device Permission Wipe Device

The user requires permission with (any device) or matching the device's Operating System and/or Configuration. See My Access - Page for more information

Action compatibility

This action is compatible with all Intune-managed devices. The effect of the action may depend on the device's operating system or the ownership of the device.

todo: create a matrix explaining the effect of the action based on the different OS and ownerships.

Action Description

The Wipe managed device action restores a device to its factory default settings. This wipes all user accounts, data, MDM policies, and settings/Resets the operating system to its default state and settings.

This action will also delete the associated Azure Device Registration to remediate orphaned device registrations.

This action will also perform a Managed Apps Sign-out to clean up unwanted MAM-only registrations..

Permission to this action is typically not granted for personal devices, as a wipe of a personally owned device is will cause data-loss of personal data.

When to use this action?

Intune-managed devices may be wiped if they need to be installed from scratch or returned to the organization's device stock. To protect confidential data, consider sending a wipe command if a device is lost or stolen.

Please refer to and follow your company's guidelines before sending wipe requests.

Remote actions overview

Sync Managed Device

Retire Managed Device

Delete Azure device registration

Wipe Managed Device

Reset/Remove Device Passcode

Change Device Ownership

Managed Apps Sign-out

Get Local Admin Password

User Password Reset

Create TAP for user

Delete existing TAP

Add Phone MFA method

Delete Phone MFA method

Wipe Managed Device

Required Permission

Action compatibility

Action Description

When to use this action?