Please check that the identity provider is using the correct certificate to encrypt the SAML assertion. Encryption is performed using your SP public key and decryption is performed using the corresponding SP private key.
If there’s still an issue, please enable SAML trace and send the generated log file as an email attachment to support@componentspace.com.