In a nutshell, if a client (in the technical sense) has valid username and password then it can provide it to the WP installation to be checked and be placed in a “privileged” context for all the code to run.
Being web app, native WP authentication is mostly browser/cookie centric. So for a mobile app it highly depends on specific app architecture. It can range from merely very same site loaded in the app shell to using REST API (WP’s native or even completely custom).
It should be noted that even using the password for log in your app should likely not store it persistently for security reasons. This is commonly implemented via receiving an access token upon successful authentication.
Overall you should first do research on what technologies you will be using in your mobile app, which authentication approaches they favor, and only then how to best interface it with WordPress.