Hi Nikola,
You may have to call the admin APIs through your back-end server, considering CORS policy and the security risk of exposing "client secret" and your private key on the website.
I would implement it this way:
1. Your team sets up a custom endpoint (let us call it "/activities") in your backend server.
2.Page calls "/activities" endpoint in your back-end server.
3.Back-end takes care of jwt token authentication for accessing admin api, renews token if necessary.
3. Calls the adobe.io endpoint to retrieve activities list.
4. Process the response on server itself if required.
5. Back-end server responds back to the page with the results.
Hope this helps.