Some agreements you have with federations may require you to trace a login back to a user for a period of time after it has happened. This cannot be done if the account has been deleted so you may need to set the automatic deletion period to be long enough to allow for any agreements of this type.
Local data protection regulations may require you to set a shorter period here. Data protection regulations that apply in the countries where OpenAthens store and process the data mean there is can be no option to never delete expired accounts. The domain administrator may have set a preference to delete non-activated accounts after a number of days. You should bear this in mind if changing the activation code expiry preference.Your local data protection regulations may require you to set a shorter period that the default.
Setting 0 days means the account will be deleted on the same day it expires
Resource access section
Permissive and restrictive mode for federated resources