diff --git a/requirements/base.txt b/requirements/base.txt
index a73649e86..ef54b2c67 100644
--- a/requirements/base.txt
+++ b/requirements/base.txt
@@ -22,7 +22,7 @@ django-dotenv==1.4.2
 django-extensions==3.2.1
 django-filter==23.1
 django-model-utils==4.3.1
-django-pipeline==2.1.0
+django-pipeline==3.0.0
 django-sesame==3.2.2
 django-storages==1.13.2
 django-svelte==0.2.1
@@ -97,3 +97,4 @@ WebTest==3.0.0
 whitenoise==6.5.0
 Whoosh==2.7.4
 yanc==0.3.3
+git+https://github.com/DemocracyClub/dc_django_utils.git@7.0.1
diff --git a/ynr/settings/base.py b/ynr/settings/base.py
index fd7bdac87..723537fd9 100644
--- a/ynr/settings/base.py
+++ b/ynr/settings/base.py
@@ -172,6 +172,7 @@ def root(*path):
     "django.middleware.clickjacking.XFrameOptionsMiddleware",
     "candidates.middleware.DisableCachingForAuthenticatedUsers",
     "wombles.middleware.CheckProfileDetailsMiddleware",
+    "dc_utils.middleware.BasicAuthMiddleware",
 )
 
 AUTHENTICATION_BACKENDS = (
@@ -501,3 +502,9 @@ def _is_running_tests():
     from .testing import *  # noqa
 else:
     RUNNING_TESTS = False
+
+# Allowlist of URLs that should be ignored by dc_utils BasicAuthMiddleware
+BASIC_AUTH_ALLOWLIST = [
+    "/api",
+    "/api/*",
+]