Trusting other peoples identification and authorizattion isnt about sharing accounts and passwords.
If user A of server X want to log in at server Y, server Y asks server X if it knows this user A.
If so server X handles the password/mfa check and just gives the green light to server Y.