I think that the party is kind of distributed. If I'm not mistaken, the manufacturer of your device decides what they consider "trusted", and they can certify the integrity of your hardware. On top of that, the operating system you use will take this as a base, and adds its own verification to it, to certify that the inetgrity of the OS has not been broken. And on top of that comes the web browser or some other software that verifies if it has been modified, and can certify if it feels ok. And then, when you use a service that wants to check if you run an "approved" environment, they will see the whole chain of verification, and they can decide if they dont trust someone in the chain. Like, if they dont trust that Firefox (assuming it implements WEI, which would be hugely disappointing) certifies its integrity honestly, or that they dont trust that your Linux kernel is honest, or if they dont trust that your System76 (or whatever) motherboard (and other hardware devices) dont lie or do cerification incorrectly, then they just simply deny you access.

And the process if making your device "trusted" probably consists of a) using "approved" software and hardware b) getting the providers of your services to accept the software and hardware you use as trustworthy

And what is this related to the TPM on bios?

The TPM is the secure element that makes authentic (believable) attestation (verification that it is what is says) possible. One of its important properties is that software you run can add their private keys to it, after which point they cannot be retrieved anymore, but still can be used, e.g. for cryptocgraphically signing data. The TPM may also store some keys permanently that were added in the factory, which it can use to sign data that verifies that it is this and that hardware device, and "feels ok", as in it hasnt detected that it would have been tampered with.