• Inactive Users
• Delete Users

While there is no built-in means of automatically deleting any user accounts that have shown no activity for a number of days, this could be done periodically with the User Search. See Retrieve Users with the Get Users Endpoint.

It is possible to periodically run a user search query for users whose last_login  value is more than "n" days in the past and then use the DELETE/api/v2/users/{id}  endpoint to delete those users. 

The last_login value will not update for refresh token exchanges. To account for that activity, it is necessary to do a log search for type sertft (Successful exchange of Refresh Token for Access Token).

NOTE: The log retention policy is limited to 30 days, so for logs further out than 30 days it will be necessary to have Log Streams installed.