There are API's which can be used for retiring a device can you please try
API: POST https://graph.microsoft.com/beta/deviceManagement/managedDevices/{managedDeviceId}/retire
Please refer this DOC.
The permission "DeviceManagementManagedDevices.PrivilegedOperations.All" is the correct one it should be added in both delegated and application permission please refer this DOC.
Hope this helps.
----------
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.