Access Service Token headers underscore inconsistency

The Cf-Access-Token header also works with Cf_Access_Token, but Cf-Access-Client-Id and Cf-Access-Client-Secret do not. This can cause issues with tools that take headers as environment variables, for example the Sourcegraph CLI, where using - is not possible but _ is. While this is not actually (currently) documented, this would be helpful in these cases.