UMA might be overkill for this use case.
Can you just make your application smarter? It can check for the claim and present the form (use the SCIM API to update the user entry in the Gluu Server).
You could also proxy the application with Apache ir nginx and use the "require claim" syntax of mod_auth_openidc from Zmartzone.
If you use UMA for this, you will need to make the application an UMA client (i.e. understand UMA tokens, and how to obtain them). Then you could use the consent gathering flow if the RPT policy fails. So you could definitely use UMA for this, but it's a pretty simple requirement, so I'm not sure it's worth it.
BTW, we are working on updating Gluu Gateway to handle exactly this scenario. ETA two months to ship the feature though.