Oh, I see! Yes, the application would handle the redirect in that case instead of a rule.
You could alter your rule to instead add a flag in the ID token that will let your app know that the user requires onboarding:
function (user, context, callback) {
var loginCount = context.stats && context.stats.loginsCount ? context.stats.loginsCount : 0;
var namespace = "http://your-app-uri"; // a namespace is required for custom claims to avoid collision
if (loginCount <= 1) {
context.idToken[namespace + 'requiresOnboarding'] = true;
}
return callback(null, user, context);
}
Here is info about setting up a single callback URL in your app that handles redirects: