In order to upload a security report to a Reshift server, a report provider token must be supplied. This controls who may upload to the server, and provides a means of grouping similar reports together. As an example, a build server might upload using the “Daily Build” reporter token, while another build might be configured for a “Production Release” reporter token. These reports will be aggregated under the project in the scans view, but can also be viewed as individual streams of reports. If a token has been compromised, or simply isn’t needed anymore, the report provider token can be revoked, ensuring that no reports using that token will be accepted.