diff --git a/compose/base.yml b/compose/base.yml
index 16ecbe47..8a694996 100644
--- a/compose/base.yml
+++ b/compose/base.yml
@@ -11,9 +11,8 @@ services:
 
   # Lookup proxy service
   lookupproxy:
-    build:
-      context: .
-      dockerfile: ./lookupproxy.Dockerfile
+    image: uisautomation/lookupproxy
+    entrypoint: ["/tmp/wait-for-it.sh", "lookupproxy-db:5432", "--", "/tmp/start-devserver.sh"]
     expose:
       - "8080"
     ports:
@@ -23,6 +22,10 @@ services:
       - "hydra"
     env_file:
       - lookupproxy.env
+    volumes:
+      - ./start-devserver.sh:/tmp/start-devserver.sh
+      - ./wait-for-it.sh:/tmp/wait-for-it.sh
+      - ./lookupproxysettings.py:/usr/src/app/settings.py
   lookupproxy-db:
     image: postgres
     env_file:
diff --git a/compose/create-oauth2-clients.sh b/compose/create-oauth2-clients.sh
index 5074348c..29022a87 100755
--- a/compose/create-oauth2-clients.sh
+++ b/compose/create-oauth2-clients.sh
@@ -16,6 +16,7 @@ hydra connect \
 # corresponding clients did not exist
 hydra clients delete smswebapp || echo "-- smswebapp not deleted"
 hydra clients delete lookupproxy || echo "-- lookupproxy not deleted"
+hydra clients delete lookupproxyserver || echo "-- lookupproxyserver not deleted"
 
 # Create smswebapp client which can request scopes to access the lookup proxy
 # and to introspect tokens from hydra.
@@ -34,6 +35,13 @@ hydra clients create \
     --response-types token \
     --allowed-scopes lookup:anonymous
 
+# Create lookupproxyserver client which can request scopes to introspect tokens
+hydra clients create \
+    --id lookupproxyserver --secret lookupproxysecret \
+    --grant-types client_credentials \
+    --response-types token \
+    --allowed-scopes hydra.introspect
+
 # We need to create a Hydra policy allowing the smswebapp to introspect tokens.
 # Delete a policy if it is already in place and re-create it
 hydra policies delete introspect-policy \
diff --git a/compose/lookupproxy.Dockerfile b/compose/lookupproxy.Dockerfile
deleted file mode 100644
index 69d25ef6..00000000
--- a/compose/lookupproxy.Dockerfile
+++ /dev/null
@@ -1,22 +0,0 @@
-FROM uisautomation/django:2.0-py3.6
-
-# Do everything relative to /usr/src/app which is where we install our
-# application.
-WORKDIR /usr/src/app
-
-# Clone latest lookupproxy source
-RUN \
-	git clone https://github.com/uisautomation/lookupproxy /usr/src/app && \
-	apk add postgresql-dev gcc musl-dev && \
-	pip install -r requirements.txt && \
-	pip install -r requirements_developer.txt
-
-# Copy startup script
-ADD ./start-devserver.sh ./wait-for-it.sh /tmp/
-
-# By default, use the Django development server to serve the application and use
-# developer-specific settings.
-#
-# *DO NOT DEPLOY THIS TO PRODUCTION*
-ENV DJANGO_SETTINGS_MODULE lookupproxy.settings_developer
-ENTRYPOINT ["/tmp/wait-for-it.sh", "lookupproxy-db:5432", "--", "/tmp/start-devserver.sh"]
diff --git a/compose/lookupproxy.env b/compose/lookupproxy.env
index 906959de..f9a3ccd4 100644
--- a/compose/lookupproxy.env
+++ b/compose/lookupproxy.env
@@ -5,7 +5,7 @@
 PORT=8080
 
 # Use the developer-specific settings.
-DJANGO_SETTINGS_MODULE=lookupproxy.settings.developer
+DJANGO_SETTINGS_MODULE=settings
 
 # Set the secret key.
 DJANGO_SECRET_KEY="$zaxY\Vowc,sp9EIs31cj^T5C~0D%5HI[<Xa9P,[jxr=X67}"
@@ -22,5 +22,11 @@ POSTGRES_DB=lookupproxy
 POSTGRES_USER=lookupproxyuser
 POSTGRES_PASSWORD=databasePass
 
+OAUTH2_TOKEN_URL=http://hydra:4444/oauth2/token
+OAUTH2_INTROSPECT_URL=http://hydra:4444/oauth2/introspect
+OAUTH2_AUTH_URL=http://localhost:4444/oauth2/auth
+OAUTH2_CLIENT_ID=lookupproxyserver
+OAUTH2_CLIENT_SECRET=lookupproxysecret
+
 # To allow talking to OAuth2 endpoint over HTTP
 OAUTHLIB_INSECURE_TRANSPORT=1
diff --git a/compose/lookupproxysettings.py b/compose/lookupproxysettings.py
new file mode 100644
index 00000000..bbae418e
--- /dev/null
+++ b/compose/lookupproxysettings.py
@@ -0,0 +1,38 @@
+import os
+
+from lookupproxy.settings.base import *  # noqa: F403
+
+DEBUG = True
+
+ALLOWED_HOSTS = ['*']
+
+OAUTH2_TOKEN_URL = os.environ.get('OAUTH2_TOKEN_URL')
+OAUTH2_INTROSPECT_URL = os.environ.get('OAUTH2_INTROSPECT_URL')
+OAUTH2_CLIENT_ID = os.environ.get('OAUTH2_CLIENT_ID')
+OAUTH2_CLIENT_SECRET = os.environ.get('OAUTH2_CLIENT_SECRET')
+OAUTH2_INTROSPECT_SCOPES = ['hydra.introspect']
+
+SWAGGER_SETTINGS['SECURITY_DEFINITIONS']['oauth2']['authorizationUrl'] = (  # noqa: F405
+    os.environ.get('OAUTH2_AUTH_URL')
+)
+
+# For the moment, the lookup certificates in test do not match the root hard-coded into the client.
+LOOKUP_API_ENDPOINT_HOST = 'www.lookup.cam.ac.uk'
+
+# Ensure that logging is shown in the console.
+LOGGING = {
+    'version': 1,
+    'disable_existing_loggers': False,
+    'handlers': {
+        'console': {
+            'class': 'logging.StreamHandler',
+        },
+    },
+    'loggers': {
+        '': {
+            'handlers': ['console'],
+            'level': 'INFO',
+            'propagate': True,
+        },
+    },
+}