Run the following debugs in the CLI:
# nacdebug -name MSInTuneServer true
# nacdebug -name MdmServer true
2) Run manual MDM poll for Intune. Network -> Service Connectors and select the Intune Connector.
3) Open the CLI as root and type:
# less output.master
Type '/' to do a search and look for MSInTuneServer FINER (this will be case-sensitive).
If the 'Authorization: Bearer' line has a token listed but you still get in the lines underneath:
401 : Unauthorized <-----The real error.
HTTP/1.1 401 Unauthorized
Transfer-Encoding : chunked
Strict-Transport-Security : max-age=31536000
Then validate the user that created the connector in the FortiNAC and the Service in Intune still have the proper permissions.
Other options include using the Microsoft tool Graph Explorer at https://developer.microsoft.com/en-us/graph/graph-explorer in order to send out the API Get and replicate the issue outside the FortiNAC.