Legacy Client ID’s (ie older client IDs) or the clientID from the third party TMI token generator for example.
Can generate tokens that have no expiration, this will likely change at some point
ClientID’s are public no need to hide those
Your UserID is also public, no need to hide those either.