From the OIDC protocol perspective the sign-up is just a secondary step to complete the authentication process, but in terms of response the result is the same: a token containing information about the user who just authenticated.
In your application you receive that user information (a unique user id at the very least). If you keep the user profile on your application, for instance, you can detect if the user id that the OIDC protocol send in the response doesn’t exist in your application, it means that it’s a new user.
There are multiple ways to do this. The OIDC middleware, in particular, offers an event (OnTicketReceived) that lets you analyze the information of the ticket created (the user that just logged in). In the event you could check if the user is a new user (no profile yet in your database) and add that as an additional claim (e.g. “IsProfileCompleted: true”). See here for an example of modifying/expanding the claims of the user that just logged in.
Then you could create a filter where you would enforce that the profile is completed by looking at the principal claims and, if the profile is not completed, redirect the user to a profile-completion page. You would apply that filter as a global filter or an attribute to certain controllers and/or actions.