A few questions to get some more context: why not ask for the first and last name during sign up / registration, why at password reset?
And the second requirement: you want to create user_id entry when a user resets his password at Auth0, but not already at registration? Can you give a bit more context about the use case, because it sounds very uncommon.
Note that you could already ask for firstname and lastname via additional fields in the Lock:
https://auth0.com/docs/libraries/lock/v11/configuration#additionalsignupfields-array-
If you really want to set the additional fields during password reset, it’s best to use your own custom password reset page (hosted on your end) and just call the Management API from there with any additional logic.