Access tokens support cross-instance authentication through a "circle of trust", which is established by sharing a public certificate among all participating instances. In essence, a circle of trust means that a service will verify access token signatures against all trusted certificates, including ones generated by other services and set as 'trusted' as part of the circle of trust.
Note
It is up to the service administrator to make sure that all participating instances are equipped with the certificates. This means that any instance can generate a token to be used with any other instance within the circle of trust.