Hi,
so there is not definite answer to this, but there are some situations where it really makes sense to use device based assignments instead of user based assignments. In general user based assignments are faster applied as they can be evaluated instantly from the system. The user is always there and can have the relationship with policies/apps. Devices pop up dynamically and device groups need first to be evaluated and then after identifying a membership the Intune service backend is able to push out the configs or apps. This is normally not a problem as we often do wait long enough to allow this to happen. Example: ESP waits for device context app installs and so on. So, enough time to evaluate and send down policies, apps etc.
So, especially for configs when dealing with exceptions like shared devices it is helpful to use device assignments as you are able then to exclude the "special" cases like shared device from regular baseline policies. e.g. you like to have different device lock timeout for them.
If you go for device assignments you should be aware of some behavior, like sudden logouts or restarts, my buddy Jörgen Nilsson has documented this very well here: Autopilot, ESP and extra login/reboots (https://ccmexec.com/2020/01/autopilot-esp-and-extra-login-reboots/).
Apps is a different story, here we are dealing with company portal and available or required assignments. Here I do prefer user assignments if possible, but that's not a golden rule. Also for required deployments it can make sense to use device assignments. I've written a blog post about it here: Intune application targeting for Windows 10 Win32 apps explained (https://oliverkieselbach.com/2020/02/19/intune-application-targeting-for-windows-10-win32-apps-expla...)
best,
Oliver
