We are looking to move all of R&D (150+ users) to BitBucket. But our security policy forces us to ensure that secrets are rotated periodically, Hence, as an administrator we need to ensure that the SSH keys for all users, repositories, and the workspaces are rotate periodically.

You can add an option, which allows an administrator to set a SSH policy, which enforce all SSH keys to be rotated, or you can allow an administrator to retrieve all SSH keys for all users, repositories, and the workspace in the API.  We need at least the created_on property, but preferably also the label, comment, and last_used properties, and even better all the properties. This is safe to do, as it is the public key.