I would suggest Intune might be the right choice instead of MDM. And Bitlocker situation might create problem in MDM while using the wipe API.
MDM is device-centric, so device features are configured based on who needs them. For example, you can configure a device to allow access to Wi-Fi, but only if the signed-in user is an organization account.
In Intune, you create policies that configure features & settings and provide security & protection.
By using the Retire or Wipe actions, you can remove devices from Intune that are no longer needed, being repurposed, or missing. Users can also issue a remote command from the Intune Company Portal to devices that are enrolled in Intune.
Remove devices by using wipe, retire, or manually unenrolling the device https://learn.microsoft.com/en-us/mem/intune/remote-actions/devices-wipe
Hope this resolves your Query !!
--If the reply is helpful, please Upvote and Accept it as an answer–