EDIT: Of course right after posting we may have found the solution. In Intune>Apps>App selective wipe>for both Wipe requests and User-Level Wipe, the account was listed there. I just deleted the wipe requests and I'm sure all will be well. This one took longer than I'd like to admit.
TLDR: Is there a PowerShell command to get App managed devices and delete them?
I'm in the middle of troubleshooting this issue and my situation may be the result of a series of events when getting Intune ready for company rollout for iOS devices. I had removed and reset an iPhone multiple times without issue and also tested making the device noncompliant and compliant again without issue. The other day a new device compliance rule was created by another admin which required the device to be at the latest iOS version (16.5.1 and the device was at 16.5) which marked the device noncompliant. At that time, the admin then removed the device from the group the policy was applying to and the user account was able to log in but started receiving the 607 errors and could not use any O365 application. The account was, however, able to use the iOS native mail application to access its M365 Exchange Online mailbox.
My investigation started because of this, but the compliance policy may not be the root cause. What I did discover, however, is that in the Microsoft 365 admin center under Devices>>Active devices, the device was listed in both the Fully managed and App managed sections. There are now several active devices listed as both Fully managed and App managed. Those devices are working fine for now. The device in question was removed from Intune and is no longer listed in the Fully managed section, but it is still in the App managed section with a 'Last check-in' time of 12/31/1 (sic). Back in the admin center under Users>Active users>click on the user>go to devices>there are duplicate entries with the bad device having a registered date of 1-01-01 @ 12:00am. The issue is that somehow the 'Remove company data' option got triggered for this stale entry and the user account associated with the bad device gets caught in the loop because the company data wipe is tied to the user at this point. I'm trying to find where I saw it, but somewhere in the admin center for the user account, there was a warning about the account having a data wipe pending and that it won't be able to access company data. Fun times.
At any rate, I'm not able to find this device using PowerShell Get-MsolDevice. From what I've read, the App managed devices will clear out eventually after a set time if the device hasn't checked in, but I'm guessing that with a bogus check-in time of 12/31/1 and the fact that the device can and will be Fully managed (and different user accounts don't have the looping issue using the same device), the bad entry for the App managed device will need to be purged manually somehow. Hope this helps us get to the root. - DW.