Currently there is a lot of documentation of how to set up Liferay as a IDP using SAML. However there are scenarios when users would want to use Liferay as the SP and receive messages from a third party IDP. In this situation there are documents available for how to set up Liferay as an SP, however there is one crucial information that should be mentioned in documentation.
If a customer does not encrypt the actual messages that are being sent to Liferay, an error will occur. There is an error that shows up on this however it is unclear that you need the messages to be encrypted.
Even though Liferay is not in charge of third party settings, this note should be added in documentation to let customers know that Liferay will not accept messages unless the messages themselves are encrypted to prevent confusion