Our Tenant want to use our abp web api directly. which method should be used for authentication(login)? if I use "/api/account/login" then I have to give tenantId to my tenant. is it a good decision or is there a way of using an api key for accessing abp web api.
For the authentication part, they should use one of the authentication flows. For your case, client secret or resource owner password flows seems fine. You will create a client in the IdentityServer and share client id & secret with your partner. There are some libraries for the authentication, based on the client platform (.net, Java, JavaScript... etc).
You can refer to the IDS4 documentation: https://identityserver4.readthedocs.io/en/latest/quickstarts/1_client_credentials.html
Once you obtain the access code, you can add it to the Authorization header (manually or using a library).
For the tenant part, they can send __tenant HTTP header. This value can be tenant id or tenant name. So, you don't have to share the id, tenant name will work as expected.