nrfconnect · DematteisGiacomo · Feb 26, 2026 · trantanen · Mar 2, 2026 · tokangas
diff --git a/app/src/sm_at_socket.c b/app/src/sm_at_socket.c
@@ -802,6 +802,12 @@ static int at_sec_sockopt_to_sockopt(enum at_sec_sockopt at_option, int *level,
 	case AT_TLS_DTLS_FRAG_EXT:
 		*option = NRF_SO_SEC_DTLS_FRAG_EXT;
 		break;
+	case AT_TLS_DTLS_CONN_SAVE:
+		*option = NRF_SO_SEC_DTLS_CONN_SAVE;
+		break;
+	case AT_TLS_DTLS_CONN_LOAD:
+		*option = NRF_SO_SEC_DTLS_CONN_LOAD;
+		break;
 	default:
 		LOG_WRN("Unsupported option: %d", at_option);
 		return -ENOTSUP;

diff --git a/app/src/sm_sockopt.h b/app/src/sm_sockopt.h
@@ -37,10 +37,12 @@ enum at_sec_sockopt {
 	AT_TLS_PEER_VERIFY = 5,
 	AT_TLS_SESSION_CACHE = 12,
 	AT_TLS_SESSION_CACHE_PURGE = 13,
-	AT_TLS_DTLS_CID = 14,
-	AT_TLS_DTLS_CID_STATUS = 15,
-	AT_TLS_DTLS_HANDSHAKE_TIMEO = 18,
-	AT_TLS_DTLS_FRAG_EXT = 22
+	AT_TLS_DTLS_HANDSHAKE_TIMEO = 14,
+	AT_TLS_DTLS_CID = 15,
+	AT_TLS_DTLS_CID_STATUS = 16,
+	AT_TLS_DTLS_CONN_SAVE = 17,
+	AT_TLS_DTLS_CONN_LOAD = 18,
+	AT_TLS_DTLS_FRAG_EXT = 20
 };
 
 /** @} */

diff --git a/doc/app/at_socket.rst b/doc/app/at_socket.rst
@@ -612,7 +612,12 @@ Syntax
 
     * ``<value>`` can be any integer value.
 
-  * ``14`` - ``AT_TLS_DTLS_CID`` (set-only).
+  * ``14`` - ``AT_TLS_DTLS_HANDSHAKE_TIMEO``.
+
+    * ``<value>`` is an integer that indicates the DTLS handshake timeout in seconds.
+      It can be one of the following values: ``1``, ``3``, ``7``, ``15``, ``31``, ``63``, ``123``.
+
+  * ``15`` - ``AT_TLS_DTLS_CID`` (set-only).
 
     * ``<value>`` is an integer that indicates the DTLS connection identifier setting.
       It can be one of the following values:
@@ -623,17 +628,33 @@ Syntax
 
     See `NRF_SO_SEC_DTLS_CID <nrfxlib_dtls_cid_settings_>`_ for more details regarding the allowed values.
 
-  * ``15`` - ``AT_TLS_DTLS_CID_STATUS`` (get-only).
+  * ``16`` - ``AT_TLS_DTLS_CID_STATUS`` (get-only).
     It is the DTLS connection identifier status.
     It can be retrieved after the DTLS handshake.
     See `NRF_SO_SEC_DTLS_CID_STATUS <nrfxlib_dtls_cid_status_>`_ for more details regarding the returned values.
 
-  * ``18`` - ``AT_TLS_DTLS_HANDSHAKE_TIMEO``.
+  * ``17`` - ``AT_TLS_DTLS_CONN_SAVE`` (set-only).
+    Write-only socket option to save DTLS connection.
 
-    * ``<value>`` is an integer that indicates the DTLS handshake timeout in seconds.
-      It can be one of the following values: ``1``, ``3``, ``7``, ``15``, ``31``, ``63``, ``123``.
+    * ``<value>`` must be set to ``0`` to save the DTLS connection state.
+      After this option is successfully called, you must call ``AT_TLS_DTLS_CONN_LOAD`` before continuing to communicate on the socket.
 
-  * ``22`` - ``AT_TLS_DTLS_FRAG_EXT``.
+      This is only supported by the following modem firmware:
+        * mfw_nrf9160 v1.3.5 or later
+        * mfw_nrf91x1
+        * mfw_nrf9151-ntn
+
+  * ``18`` - ``AT_TLS_DTLS_CONN_LOAD`` (set-only).
+    Write-only socket option to load DTLS connection.
+
+    * ``<value>`` must be set to ``1`` to load the previously saved DTLS connection state.
+
+      This is only supported by the following modem firmware:
+        * mfw_nrf9160 v1.3.5 or later
+        * mfw_nrf91x1
+        * mfw_nrf9151-ntn
+
+  * ``20`` - ``AT_TLS_DTLS_FRAG_EXT``.
 
     * ``<value>`` is an integer that indicates the use of the DTLS fragmentation extension specified in RFC 6066.
       It can be one of the following values:
@@ -643,7 +664,6 @@ Syntax
       * ``2`` - ``DTLS_FRAG_EXT_1024_ENABLED``.
 
       This is only supported by the following modem firmware:
-
         * mfw_nrf91x1 v2.0.4 or later
         * mfw_nrf9151-ntn