I have a few questions about re:dash SSO capabilities. I found in documentation that there is posibility to setup SAML Identity provider in configuration, it is great but not enought for my use case.

I have an aplication which is some kind of Data Lake events catalogue. Data Lake is BigQuery based so it easilly integrates with re:dash. In my application I want to add buttons which redirects to re:dash but I want to skip login page. My application already know the user. I am talking about some kind of Heroku SSO. https://devcenter.heroku.com/articles/add-on-single-sign-on When I post some keys (maybe user API key will be sufficient) and re:dash creates user session based on this keys.

Is it possible? Is it hard to implement if I want to contribute?

There is support for passing authentication info via a header, which might work for your case. And if not, implementing this should be hard (assuming you know Python).

Passing authentication info via a header sounds good. Is there a documentation which describes it?

There is no documentation, but check out the pull request that implemented it: https://github.com/getredash/redash/pull/883, should help you understand how it works.