This is how I would write it as the plot of a Mr. Robot episode (or something similar - idk if this is possible for every real life situation, but I think is 100% plausible).

Step 1: Try to ID the wristband supplier via OSINT, or possibly via a customer service agent. "Hey, can you let me know who makes the wristbands? I'm allergic to polyester and I wanted to look them up to see if I'll get a rash again this year" or something like that. No idea of a polyester allergy is a real thing, but I'm sure customer service doesn't either.

Step 2a: Once you have the supplier, the trick would be to impersonate someone from the venue to get more wristbands. You could contact the supplier posing as a venue employee and start with a benign question, like "can you confirm when the wristband order shipped?" This is just to feel out the situation. Are they more than willing to give you information? You might be able to find out more useful things.

Step 2b: If they're used to dealing with a specific venue contact, you can say something like "oh yeah, that makes sense - just to confirm, who was it that you spoke with? I work in a different department and I've been asked to help pick up the slack on a few things".

Once they've identified that person, then you'll need to need to get a little hacky. Let's say for creativity's sake that the venue has a missing or misconfigured DMARC record, which means you can easily forge emails pretending to come from their domain.

Step 3: Once you've established trust with the supplier (either via a forged email or via the supplier's complete lack of due diligence), ask them to ship 20 backstage passes to your PO Box and say it's for a production company so their employees can invite friends and family. Or, if the company is local and you don't want to register a PO Box, ask if you can send an intern to pick up the passes since you'll be out of town.

As an added flair, ask if the venue will add a special logo of your own design to the band.