The Apple Wallet prohibit sharing option will only prevent more than one pass from a template to be installed in a users iPhone; if the user tries to install another pass the original one will be overwritten.
The key with enforcing one pass per user lies in the understanding of the pass cycle and how it is issued.
Firstly, if you expose the Pass URL to users, then this in effect allows them to install a pass when they want, regardless of if they have already used one. This is fine if your campaign is not dependent on 'one use' coupons but in the case of making sure a person only gets one coupon the Pass URL must be hidden, and there must be a condition to check on pass issue.
In order to ensure only one pass is issued to a person, you need to reference that person against some information unique to them, like an email address of telephone number. This data is recorded and checked every time a pass is issued, and if the unique information has already been used to get a pass, the original pass is served and if the unique information is not present a new pass is issued and recorded. The process will be something like,
User is directed to a web form to enter information
User submits form
A check is made to see if a pass with the unique information exists
If it doesn't exist a call is made to issue the new pass
If it does exist the recovery URL is extracted
The recovery URL (in both circumstances) is sent to the user
The key to this is the user will only ever see the unique link to their particular pass.