The first user in Chronograf is granted with Admin privileges, all new users are granted with the default role for their organizations.
It is possible to map a github org to a chronograf org and set the defaut role for that org, this way the first time the user logs in it has the "expected" privileges.
Chronograf roles are:
- member (default role if the default organization role is not set, cannot do anything and needs action of the Admin to grant another role)
- viewer (view only, but can use the Explore tool and create queries)
- editor (can edit and create new dashboards for instance)