Well, if you require some parts of API to be anonymously available, and another part requires authorization. Then the easiest way is to implement two these APIs separately,  and configure Web Applications this way, where one of them will have anonymous access, and another would require password. And it will work, and you will not need to do anything else.

But if have everything in on API, you can look at my demo project. Based on Realworld application, offereded realizations in many different languages and frameworks.

And another thing were boring me, is that during the build with Dockerfile, there is no way to run normal IRIS but very minimal, as fast as possible, but fully functional, and suggested that as an idea. During the build, there are no need in ECP, TaskManager and Ensemble, even many having many Write Daemons, and also PWS (where it's left). Do not waste time, starting useless processes.

Good to know, that now it's available for both platforms by the same name

$ docker manifest inspect containers.intersystems.com/intersystems/iris-community:2022.3.0.606.0                                                                                                                                             
{
   "schemaVersion": 2,
   "mediaType": "application/vnd.docker.distribution.manifest.list.v2+json",
   "manifests": [
      {
         "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
         "size": 1584,
         "digest": "sha256:a9ad0e317042db836f3fb620200a0a269543a03714da475232b1a47ce8ce7839",
         "platform": {
            "architecture": "amd64",
            "os": "linux"
         }
      },
      {
         "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
         "size": 1584,
         "digest": "sha256:80ffdd649c7ad9bc7d94a97538a88b0f11e15961a2ef9ea12715dba5ba2631a6",
         "platform": {
            "architecture": "arm64",
            "os": "linux",
            "variant": "v8"
         }
      }
   ]
}