Hi Justin - I don't have it in front of me, but if memory serves, the key and secret are used to get a token which is valid for a certain period. I used the token that the app was using, initially, for the API, but also printed out its expiry time, which turned out not to be very distant.

The app will have the same expiry time, so I kept it using the proxy and the first time after the expiry, the key and secret were visible in the exchange.

Hope that helps!