ClientID’s are public.
They form part of the URL when a user authenticates.
It’s impossible to hide a ClientID.
You should use your own ClientID regardless.
Since you can then generate an App Access Token and use that to call the API with (which requires the client secret).