View the original community article here
Last tested: Apr 6, 2018
Only Admin users can see a user's API Client ID and Secret. Non-Admin users who have the
see_users permission can see Client ID's but not secrets.
If a non-admin user is given a Client ID and Secret for the API, they should store it somewhere secure.