diff --git a/sdk/keyvault/keyvault-keys/CHANGELOG.md b/sdk/keyvault/keyvault-keys/CHANGELOG.md
index b511d328a965..d173786568d4 100644
--- a/sdk/keyvault/keyvault-keys/CHANGELOG.md
+++ b/sdk/keyvault/keyvault-keys/CHANGELOG.md
@@ -9,6 +9,7 @@
 - Added support for automated key rotation in Azure Key Vault.
   - Added `KeyClient.rotateKey` to rotate a key on-demand.
   - Added `KeyClient.updateKeyRotationPolicy` to update a key's automated rotation policy.
+- Added `JsonWebKey.key_ops` property to `JsonWebKey` in addition to the existing `JsonWebKey.keyOps` property in order to comply with the JSON Web Key spec.
 
 ### Breaking Changes
 
diff --git a/sdk/keyvault/keyvault-keys/review/keyvault-keys.api.md b/sdk/keyvault/keyvault-keys/review/keyvault-keys.api.md
index c92d4e7a78ed..b7fe9854b89f 100644
--- a/sdk/keyvault/keyvault-keys/review/keyvault-keys.api.md
+++ b/sdk/keyvault/keyvault-keys/review/keyvault-keys.api.md
@@ -211,6 +211,8 @@ export interface JsonWebKey {
     dq?: Uint8Array;
     e?: Uint8Array;
     k?: Uint8Array;
+    key_ops?: KeyOperation[];
+    // @deprecated
     keyOps?: KeyOperation[];
     kid?: string;
     kty?: KeyType;
diff --git a/sdk/keyvault/keyvault-keys/src/cryptographyClientModels.ts b/sdk/keyvault/keyvault-keys/src/cryptographyClientModels.ts
index e6dfdb66c2d8..40924d089c2f 100644
--- a/sdk/keyvault/keyvault-keys/src/cryptographyClientModels.ts
+++ b/sdk/keyvault/keyvault-keys/src/cryptographyClientModels.ts
@@ -1,10 +1,9 @@
 // Copyright (c) Microsoft Corporation.
 // Licensed under the MIT license.
 
-import { CryptographyOptions, KeyVaultKey } from "./keysModels";
+import { CryptographyOptions, KeyVaultKey, JsonWebKey } from "./keysModels";
 
 import {
-  JsonWebKey,
   JsonWebKeyCurveName as KeyCurveName,
   KnownJsonWebKeyCurveName as KnownKeyCurveNames,
   JsonWebKeyEncryptionAlgorithm as EncryptionAlgorithm,
diff --git a/sdk/keyvault/keyvault-keys/src/keysModels.ts b/sdk/keyvault/keyvault-keys/src/keysModels.ts
index 6fa6f9f9414c..b3560f175da7 100644
--- a/sdk/keyvault/keyvault-keys/src/keysModels.ts
+++ b/sdk/keyvault/keyvault-keys/src/keysModels.ts
@@ -49,8 +49,15 @@ export interface JsonWebKey {
   /**
    * Json web key operations. For more
    * information on possible key operations, see KeyOperation.
+   *
+   * @deprecated Use {@link key_ops} instead. keyOps will be removed in version 5.x of `@azure/keyvault-keys`.
    */
   keyOps?: KeyOperation[];
+  /**
+   * Json web key operations. For more
+   * information on possible key operations, see KeyOperation.
+   */
+  key_ops?: KeyOperation[];
   /**
    * RSA modulus.
    */
diff --git a/sdk/keyvault/keyvault-keys/src/transformations.ts b/sdk/keyvault/keyvault-keys/src/transformations.ts
index 7f32891212dc..2d1bfdef66ee 100644
--- a/sdk/keyvault/keyvault-keys/src/transformations.ts
+++ b/sdk/keyvault/keyvault-keys/src/transformations.ts
@@ -14,8 +14,6 @@ import { parseKeyVaultKeyIdentifier } from "./identifier";
 import {
   DeletedKey,
   KeyVaultKey,
-  JsonWebKey,
-  KeyOperation,
   KeyProperties,
   KeyRotationPolicy,
   KeyRotationPolicyProperties
@@ -37,10 +35,10 @@ export function getKeyFromKeyBundle(
   delete keyBundle.attributes;
 
   const resultObject: KeyVaultKey | DeletedKey = {
-    key: keyBundle.key as JsonWebKey,
+    key: { ...keyBundle.key, key_ops: keyBundle.key?.keyOps },
     id: keyBundle.key ? keyBundle.key.kid : undefined,
     name: parsedId.name,
-    keyOperations: keyBundle.key ? (keyBundle.key.keyOps as KeyOperation[]) : undefined,
+    keyOperations: keyBundle.key ? keyBundle.key.keyOps : undefined,
     keyType: keyBundle.key ? keyBundle.key.kty : undefined,
     properties: {
       tags: keyBundle.tags,
diff --git a/sdk/keyvault/keyvault-keys/test/internal/transformations.spec.ts b/sdk/keyvault/keyvault-keys/test/internal/transformations.spec.ts
index c94e790d8435..6db613ea90cc 100644
--- a/sdk/keyvault/keyvault-keys/test/internal/transformations.spec.ts
+++ b/sdk/keyvault/keyvault-keys/test/internal/transformations.spec.ts
@@ -59,7 +59,8 @@ describe("Transformations", () => {
         kid:
           "https://azure_managedhsm.managedhsm.azure.net/keys/transformations/f03e8b3d76554e8b9749994bcf72fc61",
         kty: "oct-HSM",
-        keyOps: ["encrypt", "decrypt"]
+        keyOps: ["encrypt", "decrypt"],
+        key_ops: ["encrypt", "decrypt"]
       },
       name: "transformations",
       id:
@@ -126,7 +127,8 @@ describe("Transformations", () => {
         kid:
           "https://azure_managedhsm.managedhsm.azure.net/keys/transformations/f03e8b3d76554e8b9749994bcf72fc61",
         kty: "oct-HSM",
-        keyOps: ["encrypt", "decrypt"]
+        keyOps: ["encrypt", "decrypt"],
+        key_ops: ["encrypt", "decrypt"]
       },
       name: "transformations",
       id: