From the smart-card-equipped workstation, browse to and select the URL of the proxy service where the protected resource requiring NESCM type authentication is enabled.
When prompted by Access Manager, enter a username.
When prompted for the smart card password, enter a password (the smart card PIN).
If the Smart Card contains a certificate that meets the defined criteria (in this example, a matching Subject name and trusted signing CA), the user is now successfully authenticated to the IDP and is connected through Access Gateway to the protected resource.