OpenAPI validation not working for array parameters passed through query string

Hello guys.

I'm trying to use an openapi doc  to validate all the web api calls made to one of our web apps. I've already uploaded the openapi doc and set everything up. However, there's an issue: it seems like FWB can't handle array parameters passed through query string and it  will always consider them a violation of the openapi docs.

Here's a snippet of our openapi doc that is used for validation:

openapi:  3.0.1 ... /api/pedidosassistencias/pesquisa:     get: ...       parameters:         - name:  estados           in:  query           schema:             type:  array             items:               $ref:  '#/components/schemas/EstadoPedido'             description:  Estados do pedido a filtrar ...

`EstadoPedido` is an enum and the openapi doc does enforce those values (the ones passed on the next snippet are all valid). We've tried several different strategies in order to pass the array through the query string:

// several parameters option 1 (should WORK) https://XXX/api/pedidosassistencias/pesquisa?estados=2&estados=3&idLocalTrabalho=100  // several parameters option 2 https://XXX/api/pedidosassistencias/pesquisa?estados[]=2&estados[]=3&idLocalTrabalho=100  // several parameters option 3 https://XXX/api/pedidosassistencias/pesquisa?estados[0]=2&estados[1]=3&idLocalTrabalho=100

IMO, option 1 should work without any issues (at least, that's is that the parameter serialization docs seem to imply). However, all of them are being blocked by FortiWeb with an Openapi Validation Violation error (Openapi Query Parameter Violation). 

Has anyone managed to get this kind of scenario working properly?