Login only registered social users


I am new in Auth0, maybe I’m wrong but I’m confused.

I’m doing some tests in Python with the example code. I’ve disabled new sing ups in database dashboard, then only login form is showing, that’s fine. But when I login through new universal login with a social email that is not in the database the Auth0 system adds it as new user in database and then the user gets authorization to the application. I think this isn’t a correct behaviour, isn’t it?

I would like if a user is trying to login and is not in database then gets an unauthorized message. Is it possible?