Hi @dev40 .
I tried to use the Hook of Pre User Registration & Rule of Whitelist of Specific Connection to approach the requirement, but it does not work. The new account is still created in database, the best thing I can do is breaking the authentication flow with the Rule.
Until now, your ideal with API to delete the duplicate email + using the Rule of Whitelist is the best choice.