LCCS doesn't really have a list of authorized users. It is up to your application to provide valid authentication tokens.
You can implement your requirements, though, by using external authentication.
Basically your server-side application keeps the list of users that can access a room in, for example, a database table like this:
create table room_users {
roomName varchar(64).
userName varchar(64),
userId varchar(64),
role int
}
When a user logs in through your application portal and tries to access a room you look for an entry in room_users. If not there the user cannot access the room. If it's there you can create an external authentication token using the values from the room_users row and pass it to your Flash application.
The SDK comes with a couple of examples for using external authentication, that you can refer to.