I have an ASP.NET Core project which is hosted on Azure and has many registered users. I want to create a mobile app and I need an API which provides access to same users accounts and Identity system. I found out that IdentityServer can help but I still don't understand how to use identityserver with WebAPI in the same project as I want to create a new project for webapi and allow the mobile client to authenticate using the same credentials stored in the database.

Thank you :)

In this instance I don't believe it should be necessary to have your API (resource) and Identity Server in the same project, you can have them in separate projects.

In order to configure Identity Server 4 to work with your existing user store, I believe you need an implementation of IProfileService - brief comment at the bottom of http://docs.identityserver.io/en/release/quickstarts/3_interactive_login.html?highlight=IProfileService%20 confirms this.

Once you have your Identity Server instance hooked up to your own data store, you should then be able to protect your API with your Identity Server instance. There are a number of ways to achieve this, but I would suggest following the quick starts at http://docs.identityserver.io/en/release/quickstarts/0_overview.html will give you a good example of how to protect an API with Identity Server.