Clarify access level needed for secrets in web interface (#2330)

* Clarify access level needed for secrets in web interface

Closes #1087

I considered changing the `permissions-statement-secrets-repository`
reusable to include a reference to the API, but then I noticed that the
other place using it (["Enabling debug logging"][1]) already mentioned
the API, so instead I added a note. Including a mention of "web
interface" lead to (IMO) too much duplication in text, so I rephrased it
to be more like the `permissions-statement-secrets-api` reusable.

[1]: https://docs.github.com/en/free-pro-team@latest/actions/managing-workflow-runs/enabling-debug-logging

* Update data/reusables/github-actions/permissions-statement-secrets-repository.md

I'm going to go ahead and change this back.

Co-authored-by: hubwriter <hubwriter@github.com>

content/actions/reference/encrypted-secrets.md

@@ -77,6 +77,12 @@ When generating credentials, we recommend that you grant the minimum permissions
 
 If your repository {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.0"or currentVersion == "github-ae@latest" %}has environment secrets or {% endif %}can access secrets from the parent organization, then those secrets are also listed on this page.
 
+{% note %}
+
+**Note:** Users with collaborator access can use the REST API to manage secrets for a repository. For more information, see "[{% data variables.product.prodname_actions %} secrets API](/rest/reference/actions#secrets)."
+
+{% endnote %}
+
 {% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@3.0" or currentVersion == "github-ae@latest" }
 ### Creating encrypted secrets for an environment