AWS SSO + Rancher

Is it even possible to configure Rancher through AWS SSO? I thought it would be easy to do using the Keycloak (SAML) configuration, but we cannot retrieve the private key that this configuration requires from AWS SSO, because it doesn’t allow this.

I was able to integrate AWS SSO as my SAML provider by selecting AD FS instead in Rancher (Microsoft Active Directory Federation Services). Now my users click on “Login with ADFS” to actually connect with AWS SSO. It’s weird but it works.

I wish Rancher would simply add a generic SAML integration (or a direct AWS SSO integration).