There are two main ways a token it triggered. Through a URL request to my server or through a DNS request being made to my DNS server.
Every time you generate a token. I generate a unique URL and DNS name for you.
The tokens use "tricks" to request a URL or do a DNS request.
So for example The windows directory token uses desktop.ini to place a resource request via DNS.
There is a lecture on Volume 4 of The Complete Cyber Security Course that covers canary tokens in more detail.