Where, in the login process, is the Fingerprint device info collected?

I have a situation where normal login gathers the info properly, stores it or compares it in the Fingerprint DB properly. But when doing a forceAuth=true login, with User ID, password, and a Target URL that is protected by the same contract (the one with the Risk Based Policy), no device info is collected.

We verified this via testing, and had the same user login manually and got a valid fingerprint. Login again, and the compare works. Then go in thru the bridging process that uses forceAuth=true, and the same browser, but we get Currently fetched device info: null

We do Post Login Fingerprinting. My thoughts are something in the forceAuth process is not kicking off the Fingerprint Collection.