I have a number of PPPoE customers that I need to create a firewall rule like this one when their session comes up:

20 chain=forward action=change-mss new-mss=clamp-to-pmtu passthrough=no
tcp-flags=syn protocol=tcp in-interface=<pppoe-username> tcp-mss=1453-65535
log=no log-prefix=""

21 chain=forward action=change-mss new-mss=clamp-to-pmtu passthrough=no
tcp-flags=syn protocol=tcp out-interface=<pppoe-username>
tcp-mss=1453-65535 log=no log-prefix=""

I want to use the On Up script section in my PPP server. How would I create these rules as users authenticate?

Create a profile for each user.
Run the script via the profile on up/down
Or maybe I did not understood your question?

As mentioned by @inteq you can set on-up script on ppp profile. But no need to create each profile for each user just to create new change mss script.
Just copy the script below and paste on the ppp profile default / default-encryption script if currently you only use default / default-encryption profile.

On Up Script :

on Down Script :

The script above will create a new firewall on new ppp interface and use the username as comment when the ppp user logged in. When the user logged out, the mangle rule will be deleted.