I used the Apiman API to add the Keycloak plugin to a service.
According to https://github.com/apiman/apiman-plugins/blob/1.1.x/keycloak-oauth-policy/src/main/apiman/policyDefs/schemas/keycloak-oauth-policyDef.schema the property stripTokens and delegateKerberosTicket have default value 'False'.

Only when I ommit them in the API call the default value is not set. I do not get a warning in when Resulting in NullpointerExceptions at runtime.