Tags: identityserver3, identityserver4, identityserver2

IdentityServer usage with enterprise applications


I have read the IdentityServer documents and see that it aims to manage resource authorization. I want to know whether I can use this for my enterprise API. For example, I have Finance and IT department controllers in my API. Should I create 2 scopes for them? If I do, after the login screen it will show a permissions screen where you check or uncheck the Finance and IT checkboxes. Can I hide these scopes from the user?


Solution

  • Scopes model resources, and then you can configure clients to be allowed to request access to those resources. So one reason you break APIs into different scopes is so you can configure which clients can access which APIs. So if you don't want your Finance apps to access the IT APIs, then yes, sounds like those would be two different scopes.

    As for showing consent to the user, you can disable the entire consent screen per-client in the Client configuration. This makes sense when it's your client app accessing your APIs on behalf of your users (IOW everything is first-party).
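The configuration the answer describes, as an added example (not the answerer's code): one scope per department API, each client restricted to its own scope via `AllowedScopes`, consent switched off per client with `RequireConsent`, and the API enforcing the scope claim per controller. It uses IdentityServer4 v4 model types; the scope names, client ids, URLs and policy names are assumed.

```csharp
using IdentityServer4.Models;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.DependencyInjection;
using System.Collections.Generic;

// Identity provider side. "finance", "it", "finance-app" and "it-app" are
// assumed names for this example.
public static class IdsConfig
{
    // One scope per department API, so access is granted per client, not per user.
    public static IEnumerable<ApiScope> ApiScopes => new[]
    {
        new ApiScope("finance", "Finance API"),
        new ApiScope("it", "IT API"),
    };

    public static IEnumerable<Client> Clients => new[]
    {
        new Client
        {
            ClientId = "finance-app",
            ClientSecrets = { new Secret("REPLACE-WITH-REAL-SECRET".Sha256()) },
            AllowedGrantTypes = GrantTypes.Code,
            RedirectUris = { "https://finance.example.test/signin-oidc" },
            // First-party client: no consent screen, so the user never sees
            // (or unticks) the scope checkboxes.
            RequireConsent = false,
            // Only the finance scope; a token for this client can never carry "it".
            AllowedScopes = { "openid", "profile", "finance" },
        },
        new Client
        {
            ClientId = "it-app",
            ClientSecrets = { new Secret("REPLACE-WITH-REAL-SECRET".Sha256()) },
            AllowedGrantTypes = GrantTypes.Code,
            RedirectUris = { "https://it.example.test/signin-oidc" },
            RequireConsent = false,
            AllowedScopes = { "openid", "profile", "it" },
        },
    };
}

// API side: a policy per scope, applied to the matching controller. Assumes the
// JWT bearer handler maps each value of the token's "scope" claim to its own claim.
public static class ScopePolicies
{
    public static IServiceCollection AddDepartmentPolicies(this IServiceCollection services) =>
        services.AddAuthorization(o =>
        {
            o.AddPolicy("FinanceOnly", p => p.RequireClaim("scope", "finance"));
            o.AddPolicy("ItOnly", p => p.RequireClaim("scope", "it"));
        });
}

[Authorize(Policy = "FinanceOnly")]
public class FinanceController : ControllerBase { }
```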