This is exactly what I thought after your first response. If you don’t need it to be part of the auth event then just handle it in the frontend.
You can use context.stats.loginsCount in rules to see how many logins the user has (or undefined). And you can add that number (or just a first login flag) to the token using a custom claim. You may need to write out some conditional logic. Let me know if you run into anything else.
https://auth0.com/docs/scopes/current/sample-use-cases#add-custom-claims-to-a-token