What is the correct ACF2 parameter for RACF's APPLDATA? 

Example from IBM's IP Programmer's Guide and Reference:
Define security product authority for the profile EZBDOMAIN in the SERVAUTH class within the sysplex that is to use trusted TCP connections. Specify the same security domain name in the APPLDATA  field:

RDEFINE SERVAUTH EZBDOMAIN APPLDATA('security_domain_name')

The $USERDATA control statement is how ACF2 passes the APPLDATA in a RACROUTE EXTRACT call. For these types of calls, do not code a SERVICE on the rule line. The rule line should be either ALLOW or PREVENT.

Example: 
$KEY(EZBDOMAIN) TYPE(SER)
$USERDATA(’security_domain_name’)
 UID(uid string -) ALLOW