Well, it seems that although it used to work, and that our org mandates using SSO not tokens or keys, its not possible to get SSO not to prompt every time.

The work around I used was to create an app token in bitbucket, then modify my remote thusly:

git remote set-url origin https://[email protected]/myorg/my -service.git

Before that it used our organisation name in place of mytokenname.

Now the first time I did a git operation, I put in the token, and now it remembers it so no more logging in every time.

What's the point of SSO though, if you cant use it because doesn't remember your details?