If you aren't using the user name/password to authenticate, I believe you are going to be using the unauthenticated reqestor, so you'll need to make sure its access group has your rulesets. For security, I would probably create an unauthenticated ruleset, to limit what rules that requestor has potential access too.
Need little bit more help. I created a User ID/Password, but its not taking. Do I need to add "==" at the last, like in the PDN example below. I converted the password into Base64, but its not working.