I would like first-time login users to be redirected to OIM change password page and then to OIM change security/challenge questions page.
For the first one (redirection to change password page after first login), I have no problem as the only thing to do is to check the option "user must change password at the first time" in OID and so first time login users will be presented with SSO change password and then redirected to their home page.
But what I want is after user successfully change their password, they will be redirected to change security/challenge questions-answer page before being finally redirected to their homepage. This process should happen only at the first time login.
I think you might have been able to figure out the solution by now. But anyway, I found something under OIM, Managing Profile section and believe this is what you have been looking for:
PCQ.FORCE_SET_QUES: Determines if new users must set up challenge questions upon logging into the application for the first time, or if new users can skip this step and do it later. New users are redirected to the Self.jspx page where the user can select challenge questions. This page includes a Skip button so that users can skip the challenge question set up process.