I had a requirement to clean our bitbucket license by removing any user with no login record or "Last Authentication" > 60 days. 

I did search here and there to find the most suitable approach and at the end i find there are 2 ways.

- Database update script ,  detailed article  .

 - Using a custom script with Jira script runner plugin 

I preferred the 2nd approach then I developed the required script as below :

Note :  Script-runner for Jira is required , Crowd is our identity management tool so, i used rest client to remove the user directly from the assigned group in crowd 

import com.atlassian.applinks.api.ApplicationLinkService
import com.atlassian.applinks.api.application.bitbucket.BitbucketApplicationType
import com.atlassian.sal.api.component.ComponentLocator
import com.atlassian.sal.api.net.Request
import com.atlassian.sal.api.net.Response
import com.atlassian.sal.api.net.ResponseException
import com.atlassian.sal.api.net.ResponseHandler
import groovy.json.JsonSlurper
import groovyx.net.http.RESTClient
import org.apache.log4j.Logger
import static groovyx.net.http.ContentType.JSON

def log = Logger.getLogger("com.onresolve.jira.groovy")

def appLinkService = ComponentLocator.getComponent(ApplicationLinkService)
def appLinkName = appLinkService.getPrimaryApplicationLink(BitbucketApplicationType)
def limitsize = 200
def start = 0
assert appLinkName
log.debug(appLinkName)
def Users = []

def isLast = false

while (!isLast) {
    def restCallURL = "rest/api/1.0/admin/groups/more-members?context=bitbucket-users&start=${start}&limit=${limitsize}"
    def authenticatedRequestFactory = appLinkName.createAuthenticatedRequestFactory()
    def result = authenticatedRequestFactory.createRequest(Request.MethodType.GET, restCallURL)
        .addHeader("Content-Type", "application/json")
        .execute(new ResponseHandler<Response>() {
            @Override
            void handle(Response response) throws ResponseException {
                if (response.statusCode != HttpURLConnection.HTTP_OK) {
                    throw new Exception(response.getResponseBodyAsString())
                } else {
                    def disable = false
                    def slurped = new JsonSlurper().parseText(response.getResponseBodyAsString())
                    isLast = slurped.isLastPage
                    def slugs = slurped.values
                    slugs.each {
                        if (!it.lastAuthenticationTimestamp) {
                            Users << it.slug
                        } else {
                            Date cutoff = new Date().minus(60)
                            Date last = new Date(it.lastAuthenticationTimestamp)
                            if (last.before(cutoff)) {
                                Users << it.slug
                            }
                        }
                    }
                    start += 200
                }
            }
        })
}

for (user in Users){
restClient('https://YourCrowd/crowd//rest/usermanagement/1/', "group/user/direct", ['username':user,'groupname':'bitbucket-users'])
}
def static restClient(def uri, def path, def query) {
try {

def client = new RESTClient(uri)
def res = client.auth.basic("User", "Pass")
client.delete(path: path, query: query, contentType: JSON)
} catch (Exception e) {

}
}

Then I added the script to be executed as a Jira service every week by following below steps :

1. Navigate to Jira Admin -> System -> Services
2. Fill Service name field 
3. Fill in Class field with "com.onresolve.jira.groovy.GroovyService"
4. Click Add Service 
5. Write the script path under atlassian home/scripts

Done

Regards,