First, it's great to have AFCS - makes it real easy to build collaborative apps.
I have a couple of suggestions though:
1. Having to have your Adobe user name and password stored in your web app to do the server integration stuff is real bad (password antipattern). You guys should implement OAuth (or similar) so if someone steals the secret in my web app, they don't get access to my whole Adobe account. Really there should be a secret I can use to authentication to the AFCS server integration piece which only allows createRoom/deleteRoom etc. And I should be able to revoke permission on that if it gets stolen.
2. Regarding room timeout. I understand this is possible from Flex in the client. But it would be great to be able to specify a timeout when creating a room through server integration. I want to be able to create rooms from my web app and be sure they're live for a bounded amount of time. I don't want to rely on the room owner to delete them. Sure I can write a periodic check to do this myself and store the creation times in a database. But I just wanted to let you know that if you exposed the existing roomTimeout to server integration then it would save a bit of work.