A couple of questions that are interconnected:
1. Jamf needs a user to log in first in order to escrow the secure boot token required to be able to wipe the device from Jamf, right?
2. What's the best way to create an auto login user during the provisioning process? I'd like to use this account to run DEPNotify (as it doesn't run without a user apparently; happy to be corrected if wrong) immediately upon enrollment completion and then delete the auto log in user and itself once it has completed it's run. This will also hopefully cause Jamf to escrow the secure boot token.