When using ACL you have always to be logged in. Follow this to log in https://dgraph.io/docs/enterprise-features/access-control-lists/#access-data-using-the-graphql-api
You will get the access JWT(token) to use in all future queries and others.
As the admin endpoint is a GraphQL Server, you should use GraphQL queries in cURL or use Insomnia or Postman or any GraphQL client to access it. And all of them have a field to add the JWT(Token).