As part of the upcoming User Management integration for Bitbucket, into the Atlassian Organization (https://www.atlassian.com/wac/roadmap/cloud/user-provisioning-for-bitbucket?category=userManagement&p=dbe4af1e-48), We would like to be able to control app passwords (aka api tokens) from the Org level, allowing Org Admins to set expirations and an option to force delete/rotate app passwords, should a security event take place that deems it necessary.