I was wondering why there are separate login/logout endpoints in SaasService? Should this not use the standard mechanism to do this (i.e. TokenService)?